nanog mailing list archives
RE: DDOS prevention offensive.
From: Roeland Meyer <rmeyer () mhsc com>
Date: Thu, 12 Jul 2001 14:57:29 -0700
From: Jason Slagle [mailto:raistlin () tacorp net] Sent: Thursday, July 12, 2001 10:19 AM On Thu, 12 Jul 2001, Bill Larson wrote:Well to sum it up in one sentence. If you eliminate thebogus addresses, youcan then target the actual zombie machines used to attackthe site andeventually eliminate the risk via patching or null routethem. So filteringbogus addresses, non-routable addresses, and the addresses,which do notbelong to your net blocks, would serve to combat the denialof serviceattacks.I believe the attacks in question are actually non-spoofed. It's getting the source networks to remove the boxes that is the problem. Most of them are .edu.
Aha! I knew there was a reason that I filter EDU <g>.
Current thread:
- DDOS prevention offensive. Joseph T. Klein (Jul 12)
- Re: DDOS prevention offensive. Rob Thomas (Jul 12)
- Re: DDOS prevention offensive. Bill Larson (Jul 12)
- Re: DDOS prevention offensive. Jason Slagle (Jul 12)
- Re: DDOS prevention offensive. Christopher L. Morrow (Jul 12)
- Re: DDOS prevention offensive. Bill Larson (Jul 12)
- Re: DDOS prevention offensive. Bill Larson (Jul 12)
- <Possible follow-ups>
- RE: DDOS prevention offensive. Roeland Meyer (Jul 12)
- Re: DDOS prevention offensive. John McNeal (Jul 12)
- Re: DDOS prevention offensive. Rob Thomas (Jul 12)