nanog mailing list archives

Re: Effective ways to deal with DDoS attacks?


From: "Christopher L. Morrow" <chris () UU NET>
Date: Thu, 2 May 2002 06:11:36 +0000 (GMT)



On Wed, 1 May 2002, Pete Kruckenberg wrote:


On Thu, 2 May 2002, Richard A Steenbergen wrote:

SYN packet comes in, one of these machines responds with a
RST to the "source", which is actually the target of the

You have an interesting situation. I think rate limiting
outbound RSTs would be the least offensive thing you
could do, off the top of my head.

What about just blocking out-going RSTs altogether from our
borders? While this interferes with "proper" TCP
functionality, would it actually interfere enough to cause
noticeable problems? Would certainly be less of a burden on
routers than rate-limiting.

Aren't the initial packets in the 'gibson syn amp attack' syn-acks?

