RE: Re[2]: CCO/cisco.com issues.

["Terry Baranski" <tbaranski () mail com>]

> > We've been handling a multi-vector DDoS - 40-byte spoofed 
> > SYN-flooding towards www.cisco.com 
>
> Now that they've come for cisco, maybe law enforcement,
> network operators, and router vendors will all get their 
> $h!t together and do something to put a stop to these DDoS 
> attacks that have been going on in various forms for several 
> years.

Maybe this will have the positive effect of motivating Cisco to do more
to encourage best practices such as edge anti-spoof filtering.  To begin
with, Barry Green's presentations on these issues are hidden away on
his/Cisco's FTP server (ftp://ftp-eng.cisco.com/cons/) -- maybe it would
be beneficial to put them (along with write-ups) in an easily-accessible
and often-visited area of the main site where people will see them. 

These issues aren't just for ISPs: if edge networks would filter their
borders, ISPs wouldn't have to do it for them. (Or in most cases, fail
to do it for them.)

-Terry