|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: [Re: Which Part(s) Failed in the recent DOS Attacks?]
On 9 Feb 2000, Toplez Razer wrote: > Joe, > Firewall-1 has the SynDefender and Cisco IOS 12.0 has TCP Intercept for > stopping TCP DOS. Could these features stop massive TCP DOS attacks? Both could possibly help, but when you're dealing with 800Mbps, which is how much traffic was reported in the Yahoo DoS, filters don't matter. The problem is, you fill up the pipes and it doesn't matter that the router or the firewall drops the packets because legitimate traffic can't get through. If the attacks were smaller directed attacks you'd have a better chance of defending yourself, but with these new DDoS attacks it makes it next to impossible unless you're a Tier1 or your Tier1 will actively filter. That's what makes them so devestating right now. -- Joseph W. Shaw - [email protected] Computer Security Consultant and Programmer Free UNIX advocate - "I hack, therefore I am."
|