nanog mailing list archives
Re: anycast and ddos
From: "Fergie (Paul Ferguson)" <fergdawg () netzero net>
Date: Fri, 6 May 2005 17:03:53 GMT
As one of the co-authors of RFC-2827, I'm assuming you meant me -- if so, no apology needed. :-)

I'm just sorry to have to see a "weakness" exploited which could easily be "fixed"....

- ferg

ps. This also seems like a good time to mention (again) "The Spoofer Project" at MIT:

http://momo.lcs.mit.edu/spoofer/
[and]
http://momo.lcs.mit.edu/spoofer/summary.php

-- Randy Bush <randy () psg com> wrote:

it seems that anycasting was quite insufficient to protect netsol's service from being severely damaged (udp dead, tcp worked) for a considerable length of time by a ddos [0] last week [1]. it would be very helpful to other folk concerned with service deployment to understand how the service in question was/is anycast, and what might be done differently to mitigate exposure of similar services.

anyone have clues or is this ostrich city? maybe a preso at nanog would be educational.

randy

---

[0] - as it seems that the ddos sources were ip address spoofed (which is why the service still worked for tcp), i owe paul an apology for downplaying the immediacy of the need for source address filtering.

[1] - netsol is not admitting anything happened, of course <sigh>. but we all saw the big splash as it hit the water, the bubbles as it sank, and the symptoms made the cause pretty clear.

--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg () netzero net or fergdawg () sbcglobal net
ferg's tech blog: http://fergdawg.blogspot.com/