nanog mailing list archives
Re: SCO
From: Petri Helenius <pete () he iki fi>
Date: Mon, 02 Feb 2004 01:37:26 +0200
Valdis.Kletnieks () vt edu wrote:
There are quite a few companies, big and small, who would be happy to sell you web or content "switches" which forward the HTTP requests to the actual servers based onUmm,, I'll bite. If www.sco.com and www.caldera.com are on the same IP, how do you create a DDoS that wouldn't take out the Caldera site as well? A sheer-traffic DDoS will hurt both. A synflood will hurt both. The webserver that's listening on port 80 doesn't know which site is being connected to until it actually reads in the HTTP/1.1 headers and looks at the Host: tag - and if there's enough things arriving with 'Host: www.sco.com', it will require some *very* creative filtering/limiting to keep one website working while the other is down....
almost any bit in the HTTP request.So far there is no real indication that anything else happened than a single-machine website at some corner of the internet got a little overwhelmed by the attention it got. For example ftp.sco.com answers rapidly and is on the same subnet than the supposed DDoS target so
that rules congestion in the local loop out.Since the number of requests is probably very reasonable, just cutting the page the windows machines request to a bare minimum redirect would most likely made even grandpa´s old 486 to serve
the pages with modern kernel.Does anybody have any numbers to actually support the theory that there would actually be significant
traffic flowing somewhere? Pete
Current thread:
- Did Wanadoo, French ISP, block access to SCO? Sean Donelan (Feb 01)
- Re: Did Wanadoo, French ISP, block access to SCO? James Edwards (Feb 01)
- Re: Did Wanadoo, French ISP, block access to SCO? Thomas Seyrat (Feb 01)
- Re: Did Wanadoo, French ISP, block access to SCO? Rubens Kuhl Jr. (Feb 01)
- Re: Did Wanadoo, French ISP, block access to SCO? Valdis . Kletnieks (Feb 01)
- Re: Did Wanadoo, French ISP, block access to SCO? Rubens Kuhl Jr. (Feb 01)
- Re: Did Wanadoo, French ISP, block access to SCO? Stephen J. Wilcox (Feb 01)
- Re: Did Wanadoo, French ISP, block access to SCO? Jess Kitchen (Feb 01)
- Re: SCO Petri Helenius (Feb 01)
- Re: SCO Valdis . Kletnieks (Feb 01)
- Re: Did Wanadoo, French ISP, block access to SCO? James Edwards (Feb 01)
- Re: Did Wanadoo, French ISP, block access to SCO? Petri Helenius (Feb 01)
- Re: Did Wanadoo, French ISP, block access to SCO? Randy Bush (Feb 01)
- Re: Did Wanadoo, French ISP, block access to SCO? Petri Helenius (Feb 01)
- <Possible follow-ups>
- RE: Did Wanadoo, French ISP, block access to SCO? CHUNIKHIN Igor FTLD (Feb 01)
- Re: Did Wanadoo, French ISP, block access to SCO? Miquel van Smoorenburg (Feb 02)