nanog mailing list archives
Re: WANTED: ISPs with DDoS defense solutions
From: Jack Bates <jbates () brightok net>
Date: Mon, 04 Aug 2003 16:59:53 -0500
Randy Bush wrote:
Spoofed packets are harder to trace to the source than non-spoofed packets. Knowing where a malicious packet is very important to the process of trying to stop the malicious packet(s). Anyone without anti-spoof filtering has no interest in managing their network, keeping it secure, and assisting the Internet as a whole.anti-spoofing eliminates certain avenues of attack allowing one to focus on remaining avenues, and hence (as Vix stated) is necessary but not sufficient.it turns 1% of the technical problem into a massive social business problem which, even if it was solvable (which it practically isn't), would also be addressed by technical solutions where no spoofing is involved.
Without spoofing, one could take a list of 5,000 IP addresses involved in an attack and say, "These are either compromised or direct attacks," and issue reports to the correct people (with a few scripts). With spoofing, there is no reliable way of knowing if a host is compromised, the attacker, or if it's just another IP being spoofed. In such cases, on has to contact each IP owner and find out if spoof protection is enabled. If it is, then the party needs to look into the problem. If not, then it's just another waste of time.
-Jack
Current thread:
- Re: WANTED: ISPs with DDoS defense solutions, (continued)
- Re: WANTED: ISPs with DDoS defense solutions Christopher L. Morrow (Aug 04)
- Re: WANTED: ISPs with DDoS defense solutions Paul Vixie (Aug 04)
- Re: WANTED: ISPs with DDoS defense solutions Christopher L. Morrow (Aug 04)
- Re: WANTED: ISPs with DDoS defense solutions Vadim Antonov (Aug 05)
- Re: WANTED: ISPs with DDoS defense solutions bdragon (Aug 05)
- Re: WANTED: ISPs with DDoS defense solutions Christopher L. Morrow (Aug 05)
- Re: WANTED: ISPs with DDoS defense solutions Randy Bush (Aug 06)
- opsec IETF draft (was Re: WANTED: ISPs with DDoS defense solutions) George Jones (Aug 07)
- Re: WANTED: ISPs with DDoS defense solutions Randy Bush (Aug 04)
- Re: WANTED: ISPs with DDoS defense solutions Jack Bates (Aug 04)
- Re: WANTED: ISPs with DDoS defense solutions Jared Mauch (Aug 04)
- Re: WANTED: ISPs with DDoS defense solutions bdragon (Aug 04)
- Re: WANTED: ISPs with DDoS defense solutions Rob Thomas (Aug 04)
- Re: WANTED: ISPs with DDoS defense solutions Rob Thomas (Aug 04)
- Re: WANTED: ISPs with DDoS defense solutions Hank Nussbacher (Aug 04)
- Re: WANTED: ISPs with DDoS defense solutions Jared Mauch (Aug 05)