Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Re[4]: DDOS mitigation

From: "Smith, Brad" <brad.smith () saskeds com>
Date: Tue, 15 Aug 2006 11:48:36 -0600
You don't obviously. This is true for all Internet traffic. However, what I was asking was are you ok with having 
someone else search through everything that you have all the time to make sure it's valid. You are giving them 
permission to redirect your traffic elsewhere. What controls do you have to NOT refuse traffic or to white list 
clients. You know that these people will be stopping, reviewing and forwarding every packet that is destined for you? I 
am not saying that it is a bad choice, just that a company needs to be aware of all the implications of such a choice. 
What happens when that company get's DDOS'd? Not only is their traffic affected, yours is now too. You are correct is 
indicating that having the indicated company manage your traffic will reduce the likelihood that you will be affected. 
I just wanted to raise questions so that an informed choice will be made when or if someone chooses to utilize this.

________________________________

From: Thierry Zoller [mailto:Thierry () Zoller lu]
Sent: Tue 8/15/2006 10:34 AM
To: Smith, Brad
Cc: security-basics () securityfocus com
Subject: Re[4]: DDOS mitigation



Dear Brad Smith,

Your traffic is already being routed through "other networks first"
right now at this very moment. How sure are you that there is not
a ba guy somewhere in your routing path right now ?

SB> While it is true that this will filter off DDOS attacks for your
SB> network, it does mean that ALL your traffic is going to another
SB> network first. EVERY packet is being checked by a third party,
SB> different network and possibly even a different country. What does
SB> security think about having  a different company/country examining
SB> every packet that is heading to your network. How private is this
SB> company? Will the latency affect your company/visit/sales?

SB> Just some things to consider.




--
http://secdev.zoller.lu
Thierry Zoller
Fingerprint : 5D84 BFDC CD36 A951 2C45  2E57 28B3 75DD 0AC6 F1C7




---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: