nanog mailing list archives
Re: ICANN Targets DDoS Attacks
From: "alok" <alok.dube () apara com>
Date: Tue, 5 Nov 2002 02:07:31 +0530
Hi, { this is one "snappy" mailing list :o) }...... I meant, where can I find the people bouncing ideas on this topic.... -rgds Alok ----- Original Message ----- From: <bmanning () beguile ip4 int> To: David Conrad <david.conrad () nominum com> Cc: <bmanning () vacation karoshi com>; alok <alok.dube () apara com>; <cjclark () alum mit edu>; <Valdis.Kletnieks () vt edu>; nanog <nanog () merit edu> Sent: Tuesday, November 05, 2002 5:58 AM Subject: Re: ICANN Targets DDoS Attacks ok, so i exploited the ambiguity in the original question. wrt "active" - there is a sub-group from within the RSSAC members that seems to be exchanging email on a regular basis on various response vectors to either diffuse an attack (anycast) or repel an attack (rate-limits). On Mon, Nov 04, 2002 at 09:08:44AM -0800, David Conrad wrote:
Just to be clear: (a) RSSAC is not an IETF working group. It is an ICANN thing and not open to the public (last I heard) (b) "active" in this context must be using a definition of that term that I'm unfamiliar with. Rgds, -drc On 11/4/02 3:47 PM, "bmanning () vacation karoshi com" <bmanning () vacation karoshi com> wrote:yes. this is a topic of active discussion within the RSSAC.is any active working group persuing this matter seriously? -rgds Alok ----- Original Message ----- From: alok <alok.dube () apara com> To: <cjclark () alum mit edu>; <Valdis.Kletnieks () vt edu> Sent: Saturday, November 02, 2002 4:26 AM Subject: Re: ICANN Targets DDoS AttacksThe first, dropping broadcasts destined to your customers, is possibly doable, but not trivial.------> IGP learnt networks .. a small tweaky bit which learns
broadcast
addresses via the networks in the IGP wud help (again summarization wud
make
it bad)The second, catching all broadcasts coming in, out, or just passing through, is pretty much impossible.-----> a very small percentage cud be blocked if u were willing to link
this
to BGP learnt networks..at least those are "complete networks", not subnetted.... ofcourse its a very small portion, mebbe u cud ask guys to send more specific BGP routes from now.... -A
Current thread:
- Re: ICANN Targets DDoS Attacks Alex Bligh (Nov 01)
- <Possible follow-ups>
- Re: ICANN Targets DDoS Attacks alok (Nov 04)
- Re: ICANN Targets DDoS Attacks bmanning (Nov 04)
- Re: ICANN Targets DDoS Attacks Alex Bligh (Nov 04)
- Re: ICANN Targets DDoS Attacks alok (Nov 04)
- Re: ICANN Targets DDoS Attacks David Conrad (Nov 04)
- Message not available
- Re: ICANN Targets DDoS Attacks alok (Nov 04)
- Re: ICANN Targets DDoS Attacks bmanning (Nov 04)