nanog mailing list archives

Re: Counter DoS

From: "william(at)elan.net" <william () elan net>
Date: Thu, 11 Mar 2004 15:16:20 -0800 (PST)


On Thu, 11 Mar 2004, Laurence F. Sheldon, Jr. wrote:

Petri Helenius wrote:

Maybe there is a lesson to be learned from many RBL operators. To make 
sure, just send packets to the whole /24 or /16 you got an "attack" 
packet from.


Which RBL operators flood /24's or /16's?  What do they flood them
with?


I think he meant that RBLs sometimes include entire /24 in RBL list when 
only one or two ips are at fault and some would go even highier to include 
entire ISP allocation. This is probably talking about SPEWs and alike RBLs

-- 
William Leibzon
Elan Networks
william () elan net

Current thread:

Re: Counter DoS, (continued)
- - - Re: Counter DoS Valdis . Kletnieks (Mar 11)
    - Re: Counter DoS Rachael Treu (Mar 11)
    - Re: Counter DoS Vinny Abello (Mar 11)
    - Re: Counter DoS E.B. Dreger (Mar 11)
    - Re: Counter DoS Rachael Treu (Mar 11)
    - Re: Counter DoS Gregory Taylor (Mar 11)
    - Re: Counter DoS Deepak Jain (Mar 11)
    - Re: Counter DoS Rachael Treu (Mar 11)
    - Re: Counter DoS Petri Helenius (Mar 11)
    - Re: Counter DoS Laurence F. Sheldon, Jr. (Mar 11)
    - Re: Counter DoS william(at)elan.net (Mar 11)
    - Re: Counter DoS Laurence F. Sheldon, Jr. (Mar 11)
    - Re: Counter DoS Brian Bruns (Mar 11)
    - Re: Counter DoS Rachael Treu (Mar 15)
  - Re: Counter DoS Daniel Karrenberg (Mar 11)
- Re: Counter DoS william(at)elan.net (Mar 10)
  - RE: Counter DoS Mark Borchers (Mar 10)
    - RE: Counter DoS Christopher L. Morrow (Mar 10)
- Re: Counter DoS Baldwin, James (Mar 11)
  - Re: Counter DoS Sean Donelan (Mar 11)
- Re: Counter DoS Brandon Butterworth (Mar 11)

(Thread continues...)