Firewall Wizards mailing list archives
Re: RE: Why blocking bogons buys you nothing (Mikael Olsson)
From: Mikael Olsson <mikael.olsson () clavister com>
Date: Mon, 10 Nov 2003 03:12:16 +0100
Barney Wolff wrote:
On Sun, Nov 09, 2003 at 07:07:10PM +0100, Mikael Olsson wrote:40-50% is not "significant" for a DDoS in my opinion. Especially not if you're doing it on the wrong end of your Internet connection.Depends on your goal. If your goal is immunity from every DDoS, yes. But that goal is unattainable by any means. If your goal is to reduce the frequency of outages caused by DDoS, 50% is significant, because not every attack will come from the most powerful attacker.
And not every attack will come from DDoS slaves that spoof their source IPs. And not all of the spoofing slaves will use completely random source IPs. I've been on the receiving end of about half a dozen DDoSes so far. None of them used randomized addresses. -- Mikael Olsson, Clavister AB Storgatan 12, Box 393, SE-891 28 ÖRNSKÖLDSVIK, Sweden Phone: +46 (0)660 29 92 00 Mobile: +46 (0)70 26 222 05 Fax: +46 (0)660 122 50 WWW: http://www.clavister.com _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: Why blocking bogons buys you nothing (Mikael Olsson) Stephen Gill (Nov 09)
- Re: RE: Why blocking bogons buys you nothing (Mikael Olsson) Mikael Olsson (Nov 09)
- Re: RE: Why blocking bogons buys you nothing (Mikael Olsson) Barney Wolff (Nov 10)
- Re: RE: Why blocking bogons buys you nothing (Mikael Olsson) Mikael Olsson (Nov 10)
- RE: RE: Why blocking bogons buys you nothing (Mikael Olsson) Stephen Gill (Nov 11)
- Re: RE: Why blocking bogons buys you nothing (Mikael Olsson) Barney Wolff (Nov 10)
- Re: RE: Why blocking bogons buys you nothing (Mikael Olsson) Mikael Olsson (Nov 09)