North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: New Internet-draft on DDOS defense...
On Thu, 11 May 2000, Vipul Shah wrote: > The solution suggested by RFC2644 is for routers only, while the > proposed solution is intended for end-nodes. > > If DDoS Smurf attack is generated using local broadcast, RFC2644 > solution won't prevent the attack. Read carefully the last paragraph of > Section 1 of the draft. Another point that hasn't been mentioned in this thread is that this type of attack is very easy to track down, since all the echo-reply packets will have addresses in the same subnet. A good portion of the problem with smurf attacks is not so much the attack itself as the painful process of tracking it to it's source. Brandon Ross 404-522-5400 VP Engineering, NetRail http://www.netrail.net AIM: BrandonNR ICQ: 2269442 Read RFC 2644! Stop Smurf attacks! Configure your router interfaces to block directed broadcasts. See http://www.quadrunner.com/~chuegen/smurf.cgi for details.
|