nanog mailing list archives
Re: aggregation & table entries
From: Patrick W Gilmore <patrick () ianai net>
Date: Thu, 14 Oct 2004 16:34:28 -0400
On Oct 14, 2004, at 4:27 PM, Daniel Roesen wrote:
Yes, these restrictions are a huge pain in the rear end but a denial ofservice without even the possibility to tell where the packets come from is MUCH worse.What you actually want to know is what the ingress interfaces for the flows are. And if the ingress interface is not a p2p interface, from which peer. For both problems quite effective solutions do exist (ok, not really for the latter, but this is highly vendor specific).
No, what I really want to know is the source IP.
Given that most DDoSses are mounted via huge zombie collections, there is not much point in knowing the real source IPs.
Didn't we cover this?Yes, there are zombie armies launching DDoS from "real" IP addresses. But that does not mean there are no spoofed-source attacks any more.
-- TTFN, patrick
Current thread:
- Re: aggregation & table entries, (continued)
- Re: aggregation & table entries Stephen Stuart (Oct 13)
- Re: aggregation & table entries Randy Bush (Oct 13)
- Re: aggregation & table entries Stephen Stuart (Oct 13)
- Re: aggregation & table entries Michael . Dillon (Oct 14)
- Re: aggregation & table entries Pekka Savola (Oct 13)
- Re: aggregation & table entries Daniel Roesen (Oct 14)
- Re: aggregation & table entries Pekka Savola (Oct 14)
- Re: aggregation & table entries Daniel Roesen (Oct 14)
- Re: aggregation & table entries Iljitsch van Beijnum (Oct 14)
- Re: aggregation & table entries Daniel Roesen (Oct 14)
- Re: aggregation & table entries Patrick W Gilmore (Oct 14)
- Re: aggregation & table entries Iljitsch van Beijnum (Oct 14)
- Re: aggregation & table entries Paul Vixie (Oct 14)
- Re: aggregation & table entries Christopher L. Morrow (Oct 14)
- Re: aggregation & table entries Paul Vixie (Oct 15)
- Re: aggregation & table entries Christopher L. Morrow (Oct 15)
- Re: aggregation & table entries Paul Vixie (Oct 15)
- Re: aggregation & table entries Christopher L. Morrow (Oct 15)
- Re: BCP38 making it work, solving problems Joe Maimon (Oct 11)