RE: DDOS attacks and Large ISPs doing NAT?

["Mansey, Jon" <Jon_Mansey () verestar com>]

Unless Im mistaken (entirely possible), an IP enabled phone has 2 distinct
and separate "stacks", the IP stack and the "phone" stack.

As I said, in a NAT'd scenario the IP stack will never see an unsolicited
request and hence not respond to it.

The phone side of course will ring when called. Duh.

GPRS <> VoIP (yet)

Jm


> -----Original Message-----
> From: Valdis.Kletnieks () vt edu [mailto:Valdis.Kletnieks () vt edu] 
> Sent: Thursday, May 02, 2002 11:26 AM
> To: Mansey, Jon
> Cc: nanog () merit edu
> Subject: Re: DDOS attacks and Large ISPs doing NAT? 
>
>
> On Thu, 02 May 2002 11:06:33 PDT, "Mansey, Jon" said:
>
> > The DDOS discussion is specifically referring to a "live" syn or 
> > syn/ack attack from hosts that respond to connection 
> requests. A NAT'd 
> > cell phone wont, cant ever, respond to an unsolicited connection 
> > request.
>
> *RING*!! *RING*!!  Oh, I'm sorry, that was the clue phone 
> ringing - it couldn't be your phone, since it wouldn't answer 
> an unsolicited connection request....
>
> You were saying?
>
> (To fill in the blanks - get a trojan loaded into the 
> cellphone/PDA combo, and then send it a page telling it 
> who/what to attack).
>
> -- 
>                               Valdis Kletnieks
>                               Computer Systems Senior Engineer
>                               Virginia Tech