nanog mailing list archives

Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS)

From: "Christopher L. Morrow" <christopher.morrow () mci com>
Date: Sun, 7 Mar 2004 22:28:14 +0000 (GMT)


removed paul from the direct reply since his mailserver doesn't like uunet
mail servers :)

On Sun, 7 Mar 2004, Stephen J. Wilcox wrote:

smurf attacks are far from 'non-existent' today, however they are not as
popular as in 1999-2000-2001.


thats interesting, i've not seen/heard of one for ages.. (guess u have a wider
testing ground :)


just last week we had one... they do still happen.

In fact netscan.org still shows almost 9k networks that are 'broken'.


actually i just ran that file thro a quick awk and sort to see to what extent
these networks exist..

as you can see almost all only reply two or three times, not like in the old
days with >100 replies being commonplace..


Sure, but a list of 9k networks with this leve of response is still enough
to do damage. It's getting better, no doubt about it but it's still a
factor.



--Chris
(formerly chris () uu net)
#######################################################
## UUNET Technologies, Inc.                          ##
## Manager                                           ##
## Customer Router Security Engineering Team         ##
## (W)703-886-3823 (C)703-338-7319                   ##
#######################################################

Current thread:

Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS), (continued)
- - - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Sean Donelan (Mar 06)
    - Re: Source address validation (was Re: UUNet Offer New Protection Paul Vixie (Mar 06)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Sean Donelan (Mar 06)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Laurence F. Sheldon, Jr. (Mar 06)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Sean Donelan (Mar 06)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Paul Vixie (Mar 06)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Stephen J. Wilcox (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Christopher L. Morrow (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Avleen Vig (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Stephen J. Wilcox (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Christopher L. Morrow (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) E.B. Dreger (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Sean Donelan (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Paul Vixie (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Sean Donelan (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection E.B. Dreger (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) E.B. Dreger (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Christopher L. Morrow (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) E.B. Dreger (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Steve Francis (Mar 08)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Sean Donelan (Mar 08)

(Thread continues...)