nanog mailing list archives

Re: engineering --> ddos and flooding

From: "Steven M. Bellovin" <smb () research att com>
Date: Thu, 31 May 2001 18:21:27 -0400


In message <4.3.2.7.2.20010531175313.024ed980 () mail netpath net>, Andrew Dorsett
 writes:


Hey, this is a technical question for all of the Network 
Engineers/Architects on the list.  Has a method been found to stop an 
incoming attack?  Granted you can filter the packets to null on the router, 
but that doesn't stop them from coming across the wire and into the 
router.  Has a way been devised to stop them from coming into the router; 
via something like a BGP update to null the packets or what?  I'm concerned 
about a flood that is so massive coming from the core and flooding a small 
T1 or less.


See my talk (and the associated draft papers) from the D.C. NANOG; 
there were also several DDoS talks in Scottsdale.


                --Steve Bellovin, http://www.research.att.com/~smb

Current thread:

engineering --> ddos and flooding Andrew Dorsett (May 31)
- Re: engineering --> ddos and flooding Jared Mauch (May 31)
- Re: engineering --> ddos and flooding Andrew Dorsett (May 31)
  - Re: engineering --> ddos and flooding Joel Jaeggli (May 31)
- Re: engineering --> ddos and flooding Geoff Z (May 31)
- <Possible follow-ups>
- Re: engineering --> ddos and flooding Steven M. Bellovin (May 31)
- Re: engineering --> ddos and flooding Joel Jaeggli (May 31)