nanog mailing list archives
Re: Effective ways to deal with DDoS attacks?
From: Scott Francis <darkuncle () darkuncle net>
Date: Thu, 2 May 2002 01:37:07 -0700
On Wed, May 01, 2002 at 05:18:24PM -0600, pete () kruckenberg com said: [snip]
A rather extensive survey of DDoS papers has not resulted in much on this topic. What processes and/or tools are large networks using to identify and limit the impact of DDoS attacks?
It seems to me that the real issue in defending against an attack of this type of differentiating between legitimate traffic and zombie traffic. This seems to be self-evident, but on a distributed scale, how _would_ one tell the difference between a host/netblock that's making a lot of requests to a busy site (amazon.com, say) and a host/netblock that's sending a lot of zombie requests, especially when both sets of requests are bound for the same ports (80/443 in this case) on the same IP/set of IPs? The more D the DoS, the more difficult it becomes to tell what's legit and what's not. (Stating the obvious again, I know, but it helps me think. :) ) -- Scott Francis darkuncle@ [home:] d a r k u n c l e . n e t Systems/Network Manager sfrancis@ [work:] t o n o s . c o m GPG public key 0xCB33CCA7 illum oportet crescere me autem minui
Attachment:
_bin
Description:
Current thread:
- Re: Effective ways to deal with DDoS attacks?, (continued)
- Re: Effective ways to deal with DDoS attacks? Christopher L. Morrow (May 01)
- Re: Effective ways to deal with DDoS attacks? Pete Kruckenberg (May 01)
- Re: Effective ways to deal with DDoS attacks? Richard A Steenbergen (May 02)
- Re: Effective ways to deal with DDoS attacks? Christopher L. Morrow (May 02)
- Re: Effective ways to deal with DDoS attacks? Christopher L. Morrow (May 01)
- Re: Effective ways to deal with DDoS attacks? Vincent Gillet (May 02)
- Re: Effective ways to deal with DDoS attacks? Christopher L. Morrow (May 02)
- Re: Effective ways to deal with DDoS attacks? measl (May 02)
- Re: Effective ways to deal with DDoS attacks? Hank Nussbacher (May 02)
- Re: Effective ways to deal with DDoS attacks? Avleen Vig (May 02)
- Re: Effective ways to deal with DDoS attacks? Iljitsch van Beijnum (May 02)
- Re: Effective ways to deal with DDoS attacks? Christopher L. Morrow (May 02)
- Re: Effective ways to deal with DDoS attacks? Iljitsch van Beijnum (May 02)
- Re: Effective ways to deal with DDoS attacks? Richard A Steenbergen (May 04)
- Re: Effective ways to deal with DDoS attacks? Richard A Steenbergen (May 02)
- Re: Effective ways to deal with DDoS attacks? Hank Nussbacher (May 02)