Re: ICANN Targets DDoS Attacks

["Stephen J. Wilcox" <steve () telecomplete co uk>]

On Tue, 29 Oct 2002, Jeff Shultz wrote:

> *********** REPLY SEPARATOR  ***********
>
> On 10/29/2002 at 3:54 PM Jared Mauch wrote:
>
> > On Tue, Oct 29, 2002 at 12:48:39PM -0800, Jeff Shultz wrote:
> > > *********** REPLY SEPARATOR  ***********
> > >
> > > On 10/29/2002 at 3:40 PM Valdis.Kletnieks () vt edu wrote:
> > >
> > > > On Tue, 29 Oct 2002 22:25:44 +0200, Petri Helenius <pete () he iki fi>
> > > said:
> > > > > Why would you like to regulate my ability to transmit and receive
> > > data
> > > > > using ECHO and ECHO_REPLY packets? Why they are considered
> > > > > harmful?
> > > >
> > > > Smurf.
> > >
> > > Okay. What will this do to my user's ping and traceroute times, if
> > > anything? I've got users who tend to panic if their latency hits
> 250ms
> > > between here and the moon (slight exaggeration, but only slight). 
> > >
> > > I just love it when I've got people blaming me because the 20th hop
> on
> > > a traceroute starts returning  * * * instead of times. 
> >
> >     that's icmp ttl expired messages.
>
> I know that, and I try to explain it to my customers... but it doesn't
> answer the first part of the question - what will throttling ICMP do to
> ping and traceroute times? My gut reaction is that it will a. slow them
> down and/or b. discard a lot of them making the circuit look unreliable
> to ping. But I don't know enough about the underlying technology to be
> sure of that. 

As they say, if you dont set the rate limit too low then you wont encounter
drops under normal operation. 

Steve