RE: DDOS attacks and Large ISPs doing NAT?

["Mansey, Jon" <Jon_Mansey () verestar com>]

That would come under the heading of a virus or trojan I believe. And sure
there is no reason a NAT'd cell phone couldnt participate in this type of
attack.

The DDOS discussion is specifically referring to a "live" syn or syn/ack
attack from hosts that respond to connection requests. A NAT'd cell phone
wont, cant ever, respond to an unsolicited connection request.

jm

> -----Original Message-----
> From: Gary E. Miller [mailto:gem () rellim com] 
> Sent: Thursday, May 02, 2002 11:00 AM
> To: Mansey, Jon
> Cc: nanog () merit edu
> Subject: RE: DDOS attacks and Large ISPs doing NAT? 
>
>
> Yo Jon!
>
> On Thu, 2 May 2002, Mansey, Jon wrote:
>
> > To merge these 2 great threads, it is the case is it not 
> that NAT is a 
> > great way to avoid DDOS problems. I don't even want to imagine what 
> > the billing/credit issues would be like if your always-on 
> phone with a 
> > real IP is used as a zombie in a DDOS. "Hey I didn't use all that 
> > traffic last month....etc etc"
>
> Who says a NATed host can not be a zombie?  Get the NATed 
> host to read an email virus.  The virus then coonects to an 
> IRC channel that tells the zombie when to spew.
>
> Each phone would not spew much, but imagine you got 100M 
> phones to do your DDoS for you...
>
> RGDS
> GARY
> --------------------------------------------------------------
> -------------
> Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701
>       gem () rellim com  Tel:+1(541)382-8588 Fax: +1(541)382-8676