nanog mailing list archives

Re: UUNet Offer New Protection Against DDoS


From: "Christopher L. Morrow" <christopher.morrow () mci com>
Date: Sat, 6 Mar 2004 06:12:48 +0000 (GMT)



On Fri, 5 Mar 2004, Dan Hollis wrote:

> On Fri, 5 Mar 2004, Christopher L. Morrow wrote:
> > the packets as possible. Nebulous filtering and dropping of minuscule
> > amounts of traffic in the core of a large network is just a waste of
> > effort and false panacea.
>
> uunet does operate lots of dialup RAS though correct? any reason why urpf
> is not reasonable there?

For some sure, for others perhaps not :( We have some customers with
dedicated networks over dial, some with dial-backup and even some with dsl
backup.

> just because it's not perfect and doesn't solve every problem doesn't mean
> it's useless.

Sure, I'm just not really sure that the core is the right place to do
this... I agree that the edge is a fine place, I'd prefer not my edge :)
but the edge is the right place. You can make all the decisions correctly
there, you cannot in the core.

> minuscule amounts of traffic in uunet's core is still enough to ddos many
> a victim into oblivion. anyone who has been ddos'd by uunet customers can
> appreciate that.

minuscule is enough to cause problems in anyone's network.... the point
here was: "Core isn't the right place for this" I wasn't really trying to
argue the 'urpf is good' or 'urpf is bad' argument, just the placement.

Sorry if I made that confusing earlier.



--Chris
(formerly chris () uu net)
#######################################################
## UUNET Technologies, Inc.                          ##
## Manager                                           ##
## Customer Router Security Engineering Team         ##
## (W)703-886-3823 (C)703-338-7319                   ##
#######################################################

