Bugtraq mailing list archives

Re: DDOS Attack Mitigation

From: avalon () COOMBS ANU EDU AU (Darren Reed)
Date: Sun, 13 Feb 2000 19:50:17 +1100


In some mail from Elias Levy, sie said:
[...]

Network Ingress Filtering:
--------------------------

All network access providers should implement network ingress filtering
to stop any of their downstream networks from injecting packets with
faked or "spoofed" addressed into the Internet.

Although this does not stop an attack from occurring it does make it
much easier to track down the source of the attack and terminate it
quickly.

For information on network ingress filtering read RFC 2267:
http://info.internet.isi.edu/in-notes/rfc/files/rfc2267.txt


You know if anyone was of a mind to find someone at fault over this,
I'd start pointing the finger at ISP's who haven't been doing this
due to "performance reasons".  They've had the ability to do it for
years and in doing so would seriously reduce the number and possibility
of "spoofing" attacks.

Darren

Current thread:

Re: 'cross site scripting' CERT advisory and MS, (continued)
- - - Re: 'cross site scripting' CERT advisory and MS Marc Slemko (Feb 11)
    - Re: 'cross site scripting' CERT advisory and MS Rishi Lee Khan (Feb 14)
    - Packet Tracing (linux klog patch) Dragos Ruiu (Feb 12)
    - Re: Packet Tracing (linux klog patch) Andrzej Bialecki (Feb 15)
    - Re: Packet Tracing (linux klog patch) Dragos Ruiu (Feb 17)
    - Re: Packet Tracing (linux klog patch) Andrzej Bialecki (Feb 17)
    - crash windows boxes on your local network (twinge.c) sinkhole () NILL NET (Feb 10)
    - Re: crash windows boxes on your local network (twinge.c) Elias Levy (Feb 14)
    - DDOS Attack Mitigation Elias Levy (Feb 11)
    - TESO - Nameserver traffic amplify and NS route discovery Sebastian (Feb 12)
    - Re: DDOS Attack Mitigation Darren Reed (Feb 13)
    - Re: DDOS Attack Mitigation Alan Brown (Feb 14)
    - Re: DDOS Attack Mitigation Darren Reed (Feb 14)
    - NetBSD Security Advisory 1999-012 Daniel Carosone (Feb 15)
    - Re: DDOS Attack Mitigation Chris Cappuccio (Feb 15)
    - Re: DDOS Attack Mitigation Carson Gaspar (Feb 15)
    - Re: DDOS Attack Mitigation John Edwards (Feb 15)
    - Re: DDOS Attack Mitigation Ryan Russell (Feb 16)
    - Administrivia Elias Levy (Feb 16)
    - Re: DDOS Attack Mitigation John Payne (Feb 14)
    - Re: DDOS Attack Mitigation Julien Nadeau (Feb 14)

(Thread continues...)