nanog mailing list archives
RE: DDOS anecdotes
From: Tim Devries <Tim.Devries () Q9 com>
Date: Sat, 23 Jun 2001 16:10:37 -0400
-----Original Message----- From: woods () weird com [mailto:woods () weird com] Sent: Saturday, June 23, 2001 3:56 PM To: nanog () merit edu Subject: RE: DDOS anecdotes [ On Saturday, June 23, 2001 at 20:04:06 (+0200), Mikael Abrahamsson wrote: ]
Subject: RE: DDOS anecdotes This is a real problem. It's not FUD. Microsofts choice to include full IP stack capabilities will make the problem worse, but I do not blame their IP stack for this like Mr Gibson does though.
No, their stack's not the root of the problem -- all the rest of their OS is (and of course in particular the security model, or lack thereof).
FYI beware of service pack 2. It sets the DF bit so packets cannot
fragment. Particularily offensive if your server is on the other side of a
tunnel (due to the overhead). The solution is to reduce the MTU on the box.
Or use a different OS :)
Greg A. Woods
+1 416 218-0098 VE3TCP <gwoods () acm org> <woods () robohack ca>
Planix, Inc. <woods () planix com>; Secrets of the Weird <woods () weird com>
Current thread:
- Re: Few questions to the american ISPs [Re: DDOS anecdotes], (continued)
- Re: Few questions to the american ISPs [Re: DDOS anecdotes] Todd Suiter (Jun 23)
- Re: Few questions to the american ISPs [Re: DDOS anecdotes] Christopher A. Woodfield (Jun 24)
- Re: Few questions to the american ISPs [Re: DDOS anecdotes] E.B. Dreger (Jun 24)
- Re: Few questions to the american ISPs [Re: DDOS anecdotes] Mikael Abrahamsson (Jun 24)
- Re: Few questions to the american ISPs [Re: DDOS anecdotes] Steven J. Sobol (Jun 24)
- Re: Few questions to the american ISPs [Re: DDOS anecdotes] Alexei Roudnev (Jun 23)
- Re: more on IP source filtering... RJ Atkinson (Jun 23)
- Re: anti-spoofing filters RJ Atkinson (Jun 23)
- RE: DDOS anecdotes Vivien M. (Jun 23)
- RE: DDOS anecdotes Mikael Abrahamsson (Jun 23)
- Re: DDOS anecdotes Valdis . Kletnieks (Jun 24)