nanog mailing list archives

Re: Denial of service attacks apparently from UUNET Netblocks

From: Barney Wolff <barney () databus com>
Date: Tue, 7 Oct 1997 12:31 EDT

Date: Tue, 7 Oct 1997 12:04:27 -0400 (EDT)
From: Alex Przekupowski <oop () idt net>

On the MAX's that I have set up, I log that info to syslog (Local 7), and
can pull it up at will.  If you need a hand, just let me know.  By
combining the syslog output, and the RADIUS accounting logs, we can
definately prove at least the home address of the attacker.


How are you providing source address assurance, on either a MAX or a TNT?
My understanding, which may well be flawed, is that the only way is with
a filter.  I have heard claims, which may also be flawed, that filters
have a severe performance impact on MAX and TNT.

Without source address assurance, how do you know that the packets are
actually coming from the user who was assigned that address at that time?

Barney Wolff  <barney () databus com>

Current thread:

Re: Denial of service attacks apparently from UUNET Netblocks, (continued)
- - - Re: Denial of service attacks apparently from UUNET Netblocks David Lesher (Oct 07)
    - Re: Denial of service attacks apparently from UUNET Netblocks Karl Denninger (Oct 07)
    - Re: Denial of service attacks apparently from UUNET Netblocks Joe Shaw (Oct 07)
    - Re: Denial of service attacks apparently from UUNET Netblocks Brett Frankenberger (Oct 07)
    - Re: Denial of service attacks apparently from UUNET Netblocks Karl Denninger (Oct 08)
- Re: Denial of service attacks apparently from UUNET Netblocks Doug Davis (Oct 06)
  - Re: Denial of service attacks apparently from UUNET Netblocks Dan Foster (Oct 07)
    - Re: Denial of service attacks apparently from UUNET Netblocks Karl Denninger (Oct 07)
    - Re: Denial of service attacks apparently from UUNET Netblocks Joe Shaw (Oct 07)
    - Re: Denial of service attacks apparently from UUNET Netblocks Karl Denninger (Oct 07)
- Re: Denial of service attacks apparently from UUNET Netblocks Barney Wolff (Oct 07)
  - Re: Denial of service attacks apparently from UUNET Netblocks Joe Shaw (Oct 08)
- Re: Denial of service attacks apparently from UUNET Netblocks Sean Donelan (Oct 07)
  - Re: Denial of service attacks apparently from UUNET Netblocks Sharif Torpis (Oct 07)
    - Re: Denial of service attacks apparently from UUNET Netblocks Dale Drew (Oct 08)
  - Re: Denial of service attacks apparently from UUNET Netblocks Alex "Mr. Worf" Yuriev (Oct 07)
- Re: Denial of service attacks apparently from UUNET Netblocks Sean Donelan (Oct 07)
- Re: Denial of service attacks apparently from UUNET Netblocks Barney Wolff (Oct 08)
  - Re: Denial of service attacks apparently from UUNET Netblocks Justin W. Newton (Oct 08)
    - Re: Denial of service attacks apparently from UUNET Netblocks John A. Tamplin (Oct 08)
    - Re: Denial of service attacks apparently from UUNET Netblocks Matthew V. J. Whalen (Oct 08)

(Thread continues...)