nanog mailing list archives

Re: [Re: Which Part(s) Failed in the recent DOS Attacks?]

From: Toplez Razer <z28convertible () usa net>
Date: 9 Feb 00 21:05:19 MST


Joe,
Firewall-1 has the SynDefender and Cisco IOS 12.0 has TCP Intercept for
stopping TCP DOS.  Could these features stop massive TCP DOS attacks?

Thanks,
Audie Onibala

******************************


Joe Shaw <jshaw () insync net> wrote:


On 9 Feb 2000, Toplez Razer wrote:

1. Was it the firewall DOS filter?


With packet based DoS attacks, filters don't matter.  Bandwidth and
saturation are what matters.

2. No firewall in Yahoo, EBay, ETrade, etc?


Yes, there are, and no, they wouldn't have helped for the reason
stated above.

3. Firewall DOS filter worked, but the links were still clogged with

massive

ACKs/NACKs?


Not exactly, but fairly close.

--
Joseph W. Shaw - jshaw () insync net
Computer Security Consultant and Programmer
Free UNIX advocate - "I hack, therefore I am."





____________________________________________________________________
Get free email and a permanent address at http://www.netaddress.com/?N=1

Current thread:

Re: [Re: Which Part(s) Failed in the recent DOS Attacks?] Toplez Razer (Feb 09)
- Re: [Re: Which Part(s) Failed in the recent DOS Attacks?] Richard Steenbergen (Feb 09)
- Re: [Re: Which Part(s) Failed in the recent DOS Attacks?] Joe Shaw (Feb 09)
  - Re: [Re: Which Part(s) Failed in the recent DOS Attacks?] Richard Steenbergen (Feb 10)