nanog mailing list archives

Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS)

From: Sean Donelan <sean () donelan com>
Date: Sun, 7 Mar 2004 02:13:38 -0500 (EST)


On Sat, 6 Mar 2004, Avleen Vig wrote:

On Sat, Mar 06, 2004 at 06:39:21PM -0500, Sean Donelan wrote:

Source address validation (or Cisco's term uRPF) is perhaps more widely
deployed than people realize.  Its not 100%, but what's interesting is
despite its use, it appears to have had very little impact on DDOS or
lots of other bad things.


Try saying that after running a major DDoS target, with "HIT ME" your
forehead.
No offense Sean but I'd like you to back your claim up with some
impirical data first.


Has the number of DDOS attacks increased or decreased in the last few
years has uRPF has become more widely deployed?

Do you have any evidence the number of attacks are decreasing?

Current thread:

Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS), (continued)
- - - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) E.B. Dreger (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Joe Provo (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Henry Linneweh (Mar 08)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Avleen Vig (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Sean Donelan (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Paul Vixie (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Avleen Vig (Mar 08)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Ken Diliberto (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Paul Vixie (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Avleen Vig (Mar 06)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Sean Donelan (Mar 06)
    - Re: Source address validation (was Re: UUNet Offer New Protection Paul Vixie (Mar 06)
    - Re: Source address validation (was Re: UUNet Offer New Protection Dan Hollis (Mar 06)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Avleen Vig (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Christopher L. Morrow (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Avleen Vig (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) fingers (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Laurence F. Sheldon, Jr. (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Christopher L. Morrow (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) vijay gill (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Paul Vixie (Mar 07)

(Thread continues...)