nanog mailing list archives

Re: UDP/123 policers & status

From: Saku Ytti <saku () ytti fi>
Date: Mon, 30 Mar 2020 11:27:59 +0300

On Mon, 30 Mar 2020 at 11:15, Harlan Stenn <stenn () nwtime org> wrote:

Please help me understand this.

Exactly how bad is it if the query and response packets are of a
different size?  Does it matter at 4 bytes?  32?


Presumably, if it's attenuation vector (1byte or more), presumably
attacker will use any of the other many vectors which are
amplification vectors or will directly attack from the zombie machines
they pwn. Since NST would have negative ROI on attack if there is
_any_ attenuation.

-- 
  ++ytti

Current thread:

Re: UDP/123 policers & status, (continued)
- - - Re: UDP/123 policers & status Ragnar Sundblad (Mar 29)
    - Re: UDP/123 policers & status Harlan Stenn (Mar 28)
    - Re: UDP/123 policers & status Ragnar Sundblad (Mar 29)
    - Re: UDP/123 policers & status Harlan Stenn (Mar 28)
    - Re: UDP/123 policers & status Harlan Stenn (Mar 28)
    - Re: UDP/123 policers & status Ragnar Sundblad (Mar 29)
    - Re: UDP/123 policers & status Harlan Stenn (Mar 28)
    - Re: UDP/123 policers & status Ragnar Sundblad (Mar 29)
    - Re: UDP/123 policers & status Saku Ytti (Mar 29)
    - Re: UDP/123 policers & status Harlan Stenn (Mar 30)
    - Re: UDP/123 policers & status Saku Ytti (Mar 30)
    - Re: UDP/123 policers & status Harlan Stenn (Mar 30)
    - Re: UDP/123 policers & status Saku Ytti (Mar 30)
    - Re: UDP/123 policers & status Ragnar Sundblad (Mar 30)
    - Re: UDP/123 policers & status Harlan Stenn (Mar 30)
    - Re: UDP/123 policers & status Saku Ytti (Mar 30)
    - Re: UDP/123 policers & status Ragnar Sundblad (Mar 30)
    - Re: UDP/123 policers & status Ragnar Sundblad (Mar 29)