|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Forwarded: 47th IETF: ITRACE BOF
------- Forwarded Message Return-Path: <[email protected]> Received: from postal.research.att.com by fetchmail-4.5.7 POP3 for <smb/localhost> (single-drop); Wed, 01 Mar 2000 19:23:02 EST Received: from mail-green.research.att.com (mail-green.research.att.com [135.207.30.103]) by postal.research.att.com (8.8.7/8.8.7) with ESMTP id TAA10215 for <[email protected]>; Wed, 1 Mar 2000 19:20:12 -0500 (EST) Received: by mail-green.research.att.com (Postfix) id 1F98A1E032; Wed, 1 Mar 2000 19:20:12 -0500 (EST) Received: from loki.ietf.org (loki.ietf.org [132.151.1.177]) by mail-green.research.att.com (Postfix) with ESMTP id 10D301E036; Wed, 1 Mar 2000 19:20:07 -0500 (EST) Received: (from [email protected]) by loki.ietf.org (8.9.1b+Sun/8.9.1) id SAA05354 for [email protected]; Wed, 1 Mar 2000 18:25:00 -0500 (EST) Received: from ietf.org (odin.ietf.org [10.27.2.28]) by loki.ietf.org (8.9.1b+Sun/8.9.1) with ESMTP id SAA05280 for <[email protected]>; Wed, 1 Mar 2000 18:13:06 -0500 (EST) Received: from CNRI.Reston.VA.US (localhost [127.0.0.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA16131; Wed, 1 Mar 2000 18:13:04 -0500 (EST) Delivered-To: [email protected] Message-Id: <[email protected]> To: IETF-Announce: ; From: [email protected] Cc: [email protected] Subject: 47th IETF: ITRACE BOF Date: Wed, 01 Mar 2000 18:13:03 -0500 Sender: [email protected] Content-Type: text X-UIDL: de9f75cb7001aedbabad2854bdf994cd ICMP Traceback BOF (itrace) Thursday, March 30 at 1530-1730 =============================== CHAIR: Steve Bellovin <[email protected]> DESCRIPTION: The purpose of the BoF is to look at a mechanism to help address the problem of tracing back denial of service attacks. The suggested mechanism is that with low probability (order 1/20,000), a router seeing a packet would send to the destination an ICMP message giving as much information as it knows about the immediate previous hop of that packet. With enough of these messages -- and if one is being flooded, by definition there will be a lot of traffic, so that the low probabilities will still result in a reasonably complete set of traceback packets. Such a mechanism has other uses as well. It lets people trace down the source of accidentally-emitted bogus packets, i.e., those with RFC1918 addresses. It helps characterize the reverse path, which traceroute does not do. The output will be a standards-track RFC describing the packet format, and the conditions under which it should be sent. Issues include authentication, router load, and host load. AGENDA: Introduction, motivation 15 min Marcus Leech's prototype 20 min Open issues list 30 min Charter 20 min ------- End of Forwarded Message --Steve Bellovin
|