nanog mailing list archives
Re: Source address validation (was Re: UUNet Offer New Protection
From: Paul Vixie <vixie () vix com>
Date: 07 Mar 2004 07:29:54 +0000
sean () donelan com (Sean Donelan) writes:
Try saying that after running a major DDoS target, with "HIT ME" your forehead. No offense Sean but I'd like you to back your claim up with some impirical data first.Has the number of DDOS attacks increased or decreased in the last few years has uRPF has become more widely deployed?
the number of spoofed-source attacks is down only-slightly.
Do you have any evidence the number of attacks are decreasing?
the overall number of attacks and their volume seems to be decreasing ever-so-slightly, but the ferocity of the attacks that come through seems to be increasing more-than-slightly. and, when defending against one of these, every valid source address is worth its figurative weight in gold, and constitutes a minor compromise for the attacker, even if the host it helps to identify is disposable, easily replaced, and difficult to repair. [ of course, sean, i could just be making that part up. but since i keep saying it and since i get attacked pretty frequently, i might be telling the truth. it could be worth assuming a little credibility and seeing where that leads you. (but, we digress.) ] -- Paul Vixie
Current thread:
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS), (continued)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Joe Provo (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Henry Linneweh (Mar 08)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Avleen Vig (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Sean Donelan (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Paul Vixie (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Avleen Vig (Mar 08)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Ken Diliberto (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Paul Vixie (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Avleen Vig (Mar 06)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Sean Donelan (Mar 06)
- Re: Source address validation (was Re: UUNet Offer New Protection Paul Vixie (Mar 06)
- Re: Source address validation (was Re: UUNet Offer New Protection Dan Hollis (Mar 06)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Avleen Vig (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Christopher L. Morrow (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Avleen Vig (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) fingers (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Laurence F. Sheldon, Jr. (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Christopher L. Morrow (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) vijay gill (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Paul Vixie (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Christopher L. Morrow (Mar 07)