nanog mailing list archives
Re: Arbor Networks DoS defense product
From: Rob Thomas <robt () cymru com>
Date: Wed, 15 May 2002 17:49:59 -0500 (CDT)
Hi, Dan. ] I don't think spoofing will be a problem for the landmines. Most attacks ] (99%?) are tcp. Hmm... Not based on my research. The most common attack capabilities in the bots are ICMP and UDP flooders. After that, IGMP. Last, TCP. Most of the DoS tools contain the same attack types as the bots. On the receiving end, upwards of 80% of all the woe I track is not TCP. Thanks, Rob. -- Rob Thomas http://www.cymru.com/~robt ASSERT(coffee != empty);
Current thread:
- Re: Arbor Networks DoS defense product, (continued)
- Re: Arbor Networks DoS defense product Rob Thomas (May 15)
- Re: Arbor Networks DoS defense product Dan Hollis (May 15)
- Re: Arbor Networks DoS defense product Rafi Sadowsky (May 15)
- Re: Arbor Networks DoS defense product Rob Thomas (May 15)
- Re: Arbor Networks DoS defense product Streiner, Justin (May 15)
- RE: Arbor Networks DoS defense product Cheung, Rick (May 15)
- Re: Arbor Networks DoS defense product Dan Hollis (May 15)
- Re: Arbor Networks DoS defense product Johannes B. Ullrich (May 15)
- Re: Arbor Networks DoS defense product Dan Hollis (May 15)
- Re: Arbor Networks DoS defense product Dan Hollis (May 15)
- Re: Arbor Networks DoS defense product Rob Thomas (May 15)
- Re: Arbor Networks DoS defense product Dan Hollis (May 15)
- Re: Arbor Networks DoS defense product PJ (May 15)
- Re: Arbor Networks DoS defense product Dan Hollis (May 15)
- Re: Arbor Networks DoS defense product PJ (May 15)
- Re: Arbor Networks DoS defense product Dug Song (May 15)
- Re: Arbor Networks DoS defense product Clayton Fiske (May 15)
- Re: Arbor Networks DoS defense product Dan Hollis (May 15)
- Re: Arbor Networks DoS defense product Johannes B. Ullrich (May 15)
- Re: Arbor Networks DoS defense product PJ (May 15)
- Re: Arbor Networks DoS defense product Johannes B. Ullrich (May 15)
- Re: Arbor Networks DoS defense product Rob Thomas (May 15)