North American Network Operators Group

Re: Efficient DoS filter
Why not use loopback0, I thought that was fast switched?

Hasn't this horse been killed by now?

On Sat, 28 Mar 1998, Alex Bligh wrote:

> I think this is an operational issue, at least for those running Cisco.
>
> Having just been hit by 10Mb/s of DoS attack and finding a 75xx has
> difficulty filtering it, here is quite a nice way (assuming we're
> talking a randomized source, single destination attack).
>
> Find your favorite ATM interface (sorry Sean). Set up a sub-interface
> covering the IP address concerned, put in a map-list to the duff
> interface, and put it on a VC that doesn't go anywhere through your
> ATM switch. This way the ATM switch does the filtering.
>
> PLEASE can we have hardware assisted switching to null0: if anyone's
> listening at Cisco? Nothing else would filter this out (no convenient
> LANs nearby, serial type interface just sends the data anyway etc...).
> This would probably work on FR too.
>
> Alex Bligh
> GX Networks (formerly Xara Networks)
>
>

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Atheism is a non-prophet organization.
Alex Rubenstein, [email protected], KC2BUO, ISP/C Charter Member
Father of the Network and Head Bottle-Washer
Net Access Corporation, 9 Mt. Pleasant Tpk., Denville, NJ 07834
Don't choose a spineless ISP! We have more backbone! http://www.nac.net
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --