nanog mailing list archives
RE: DDOS anecdotes
From: Daniel Senie <dts () senie com>
Date: Sat, 23 Jun 2001 15:13:34 -0400
At 02:37 PM 6/23/01, Tim Wilde wrote:
> This is a real problem. It's not FUD. Microsoft's choice to include full
> IP stack capabilities will make the problem worse, but I do not blame
> their IP stack for this like Mr Gibson does though.

Oh, it's most certainly a real problem, but I don't agree that the changes in Win XP will really make any difference whatsoever. With some very trivial driver additions, raw sockets can be accessed under any previous version of Windows, just like in XP.
Indeed, there have been LAN analyzers which run on all variants of Windows for a very long time. These can generate / play back traffic, using whatever source IP addresses and MAC addresses were on the original packets. Obviously, a general spoofing tool for Win95 could be written. After reading that part of the tirade, I came to the same conclusion as a previous poster... lots of FUD, and not much more.
It's been 5 years since the document now published as RFC 2827 was first a draft. Many sites do ingress or egress filtering. Many don't. Most router equipment can now handle it, according to the manufacturers. Yes, there are issues dealing with multi-homing. However, it appears many attacks still originate from single-homed sites, dialup sites, cable modem attached systems, and the like. In most cases, these could be filtered.

Has anyone at any of the cable modem vendors made any attempts to try ingress filtering in the cable system head-end routers? Did it work? Need help trying it out?

While ingress filtering will not cure the world, it can help de-fang many attacks. Unfortunately, it requires cooperation to be effective.
-----------------------------------------------------------------
Daniel Senie                                        dts () senie com
Amaranth Networks Inc.                    http://www.amaranth.com
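Added example, not part of the original message: a small model of the RFC 2827 ingress check discussed above, applied per customer-facing interface, including the multi-homing case where a second provider's prefix must be listed or legitimate traffic is dropped. Interface names, prefixes (documentation ranges) and the packet list are constructed for illustration.

```python
import ipaddress

# Constructed sample: prefixes assigned to each customer-facing interface.
# Interface names are hypothetical; addresses are documentation ranges.
ASSIGNED = {
    "cable-headend-1": ["192.0.2.0/24"],
    "dialup-pool-1": ["198.51.100.0/25"],
    # Multi-homed customer: also sources traffic from a second provider's block.
    "cust-multihomed": ["203.0.113.0/25", "198.51.100.128/25"],
}


def build_filters(assigned):
    """Parse the prefix strings once into ip_network objects."""
    return {ifname: [ipaddress.ip_network(p) for p in prefixes]
            for ifname, prefixes in assigned.items()}


def ingress_permit(filters, ifname, src):
    """True if a packet arriving on ifname with source src may be forwarded."""
    nets = filters.get(ifname)
    if nets is None:
        return False  # unknown interface: fail closed
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # unparseable source address: drop
    return any(addr in net for net in nets)


def audit(filters, packets):
    """Return {interface: [dropped source addresses]} for (ifname, src) pairs."""
    dropped = {}
    for ifname, src in packets:
        if not ingress_permit(filters, ifname, src):
            dropped.setdefault(ifname, []).append(src)
    return dropped


# Constructed sample traffic: (arrival interface, source address).
SAMPLE_PACKETS = [
    ("cable-headend-1", "192.0.2.17"),     # inside the assigned /24
    ("cable-headend-1", "10.1.2.3"),       # source not assigned to this edge
    ("dialup-pool-1", "198.51.100.200"),   # outside the pool's /25
    ("cust-multihomed", "198.51.100.130"), # second provider's block, listed
    ("cust-multihomed", "192.0.2.17"),     # another customer's address
]

if __name__ == "__main__":
    for ifname, srcs in audit(build_filters(ASSIGNED), SAMPLE_PACKETS).items():
        print(ifname, "dropped:", ", ".join(srcs))
```

Removing the second prefix from `cust-multihomed` makes the filter drop that customer's legitimate traffic, which is the multi-homing issue the message mentions.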