RE: WP: Attack On Internet Called Largest Ever

["Joe Patterson" <jpatterson () asgardgroup com>]

One thing I'm curious about (mostly because I think it's a neat idea, and
was wondering if anyone else thought so too)..

would it cause problems, and more importantly would it solve potential
problems, to put some/most/all of the root servers (and maybe gtld-servers
too) into an AS112-like config?  It would seem to me like that would give
the benefits of being able to spread the load around without making the list
of root servers any larger, would make any kind of ddos on the root servers
just that much more difficult to do, and might just increase
speed/performance (for those 8 times a week when you actually use them)

Is it a problem that's even worth looking at?  Is it a solution that's worse
(for some reason I haven't noticed yet) than the problem?

Thoughts?

-Joe Patterson

> -----Original Message-----
> From: owner-nanog () merit edu [mailto:owner-nanog () merit edu]On Behalf Of
> Greg Pendergrass
> Sent: Wednesday, October 23, 2002 10:31 AM
> To: 'Nanog@Merit. Edu'
> Subject: RE: WP: Attack On Internet Called Largest Ever
>
>
>
> It's universally agreed that the articles have mostly been blown out of
> proportion and dramatized, but that doesn't mean that attacks against the
> root servers can't be successful. Future attacks will be stronger and more
> organized. So how do we protect the root servers from future attack?
>
> There has been a lot about what did not happen yesterday, but how
> about some
> details about what did happen? Was it a ping flood, syn-flood, smurf, or
> some combination of types? Were the zombie machines windows,
> linux, or both?
> Some of the root servers were affected more than others, why? Was it that
> there was more ddos traffic directed at them, or that they had
> less hardware
> and network resources?
>
>
> - Greg Pendergrass