Re: Recent DDoS

[oogali () INTRANOVA NET (Omachonu Ogali)]

You can stop spoofed address from originating from your network at the
perimeter by enabled reverse unicast verification. As for the outside, you
need to work along with other ISP's.

On Wed, 9 Feb 2000 henry.escobar () MINDSPRING COM wrote:

> I believe the reason why it hasn't been discussed is that this is fairly "old news" that was discussed and anaysed on 
> bugtraq.
>
> You might want to check the bugtraq archive and/or read
> http://www.cert.org/incident_notes/IN-99-07.html
>
> There is also not much that we can do!
> If we dynamically block IPs from accessing our servers WE create a new DOS when "hackers" spoof IP addresses...
>
> The attack is against the pipe, and not really the servers/router/etc. I don't know if any real practical solutions 
> exists...
>
> Does anyone have any good ideas to protect against a DDOS? For a small network and a large network???
>
> Just my $0.02 worth...
>
>   -Henry J. Escobar
>
>
> bino () COLUMBIA EDU wrote:
> > Just wondering why there hasn't been much mention of the recent DDoS'
> against a lot of the major sites on the web...  Given the nature of the
> list, I would have expected _some_ mention, but I don't think I've seen a
> peep, which is very surprising!
>
> If you don't know what I'm talking about, then read:
>
>         http://news.cnet/com/news/0-1005-200-1545456.html
>
> and
>
>         http://cnnfn.com/2000/02/08/technology/yahoo/
>
>
> Seems that this could get very serious before it gets much better...
>
>                                                       BINO