nanog mailing list archives

Re: DNS issues various

From: Daniel Senie <dts () senie com>
Date: Fri, 25 Oct 2002 03:48:54 -0400


At 04:51 PM 10/24/2002, Kevin Houle wrote:

--On Thursday, October 24, 2002 04:30:20 PM -0400 "David G. Andersen"<dga () lcs mit edu> wrote:

Until the default behavior of most systems is to block spoofed packets,
it's going to remain a problem.


I assert this is not the case. A significant percentage of DDoS attacks use
legitimate source IP addresses. When there are thousands of throw-away hosts
in the attack network, the difficulty of traceback and elimination remains,
and so does the problem.

Yes, blocking spoofed packets helps. But it is not an end-game.

It provides the identity of the party to sue for negligence, should thedamage elsewhere be severe. In large networks, it would behooveadministrators to establish ingress filters on the routers connectingsubnets, so that they can further limit spoofing or help trace the partyinvolved.

Current thread:

Re: How to secure the Internet in three easy steps, (continued)
- - - Re: How to secure the Internet in three easy steps batz (Oct 25)
    - Re: How to secure the Internet in three easy steps Michael Lamoureux (Oct 25)
    - Re: DNS issues various Craig Partridge (Oct 24)
    - Message not available
    - Re: DNS issues various Daniel Senie (Oct 25)
    - Re: DNS issues various dre (Oct 24)
    - Re: DNS issues various Richard A Steenbergen (Oct 24)
    - Re: DNS issues various David G. Andersen (Oct 24)
    - Re: DNS issues various Kevin Houle (Oct 24)
    - Re: DNS issues various Rob Thomas (Oct 24)
    - Re: DNS issues various Richard A Steenbergen (Oct 24)
    - Re: DNS issues various Daniel Senie (Oct 25)
    - Re: DNS issues various Randy Bush (Oct 25)
    - Re: DNS issues various Daniel Senie (Oct 25)
- Re: DNS issues various Michael . Dillon (Oct 25)