nanog mailing list archives
Re: Few questions to the american ISPs [Re: DDOS anecdotes]
From: "Alexei Roudnev" <alex () relcom EU net>
Date: Sat, 23 Jun 2001 18:39:25 -0700
Yes. But 99% of the cable/provbider customers are residential ones, and so are not multy-home, so simple _SRC filtering by default_ implemented by the hw vendor can help. And notice, thet this _cable residential users_ are most affected to the hackers because they areusially non-skilled and non-professionals, and so it's very important to prevent hackers from abusing them at least as a source for the DDOS attacks. (and for me the weakness of this customers looks like a great danger - they really are very affected to be broken and abused, and (on the other hand) they make a bridge to the more serious hacking because they have some passwords/logins on their home sites). ----- Original Message ----- From: "Christopher A. Woodfield" <rekoil () semihuman com> To: "Alexei Roudnev" <alex () relcom EU net> Cc: <nanog () merit edu>; "Sean M. Doran" <smd () clock org> Sent: Saturday, June 23, 2001 5:56 PM Subject: Re: Few questions to the american ISPs [Re: DDOS anecdotes]
At a conference in late 1999, UUNet announced that they had anti-spoof filters in place on their dialup ports. Not that that amount to much in contrast to teh amount of spoofed DDOS traffic from cable providers, mind you...IIRC, it's the cable providers that need to put up the anti-spoofing filters the most. -C- any big ISP have skilled security person available. When I worked in Russia,
it
took 10 - 15 minutes to contact your ISP and install such filters; for EUnet,
it
took 20 minutes; for TELIA, it was the same. For any amertican ISP, it took a
week
(UUnet was an exception)... - all cable providers will have src address filters, so preventing src address frauding.-- --------------------------- Christopher A. Woodfield rekoil () semihuman com PGP Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB887618B
Current thread:
- Few questions to the american ISPs [Re: DDOS anecdotes], (continued)
- Few questions to the american ISPs [Re: DDOS anecdotes] Alexei Roudnev (Jun 23)
- Re: Few questions to the american ISPs [Re: DDOS anecdotes] Christopher A. Woodfield (Jun 23)
- Re: Few questions to the american ISPs [Re: DDOS anecdotes] Pim van Riezen (Jun 23)
- Re: Few questions to the american ISPs [Re: DDOS anecdotes] Steven J. Sobol (Jun 23)
- Re: Few questions to the american ISPs [Re: DDOS anecdotes] Steven J. Sobol (Jun 23)
- Re: Few questions to the american ISPs [Re: DDOS anecdotes] Todd Suiter (Jun 23)
- Re: Few questions to the american ISPs [Re: DDOS anecdotes] Christopher A. Woodfield (Jun 24)
- Re: Few questions to the american ISPs [Re: DDOS anecdotes] E.B. Dreger (Jun 24)
- Re: Few questions to the american ISPs [Re: DDOS anecdotes] Mikael Abrahamsson (Jun 24)
- Re: Few questions to the american ISPs [Re: DDOS anecdotes] Steven J. Sobol (Jun 24)
- Re: Few questions to the american ISPs [Re: DDOS anecdotes] Christopher A. Woodfield (Jun 23)
- Few questions to the american ISPs [Re: DDOS anecdotes] Alexei Roudnev (Jun 23)
- Re: Few questions to the american ISPs [Re: DDOS anecdotes] Alexei Roudnev (Jun 23)
- Re: more on IP source filtering... RJ Atkinson (Jun 23)
- Re: anti-spoofing filters RJ Atkinson (Jun 23)
- RE: DDOS anecdotes Vivien M. (Jun 23)
- RE: DDOS anecdotes Mikael Abrahamsson (Jun 23)
- Re: DDOS anecdotes Valdis . Kletnieks (Jun 24)