North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Few questions to the american ISPs [Re: DDOS anecdotes]
It's nice story, but nothing new except XT/2000 options allowing to generate SRC address. But when (at last) it happen: - use WFQ over all custiomer's links (if you have WFQ no such brute attack succeed, it only slow you down but does not block you); - Cisco force all IP fragments to be queued into the single WFQ query and allow filtering of the FRAGMENTS - any big ISP have skilled security person available. When I worked in Russia, it took 10 - 15 minutes to contact your ISP and install such filters; for EUnet, it took 20 minutes; for TELIA, it was the same. For any amertican ISP, it took a week (UUnet was an exception)... - all cable providers will have src address filters, so preventing src address frauding. It was discussed 5 years ago; it was discussed 2 years ago; it's discussed today. When something change? Alexei Roudnev ----- Original Message ----- From: "Sean M. Doran" <[email protected]> To: <[email protected]> Sent: Saturday, June 23, 2001 8:30 AM Subject: DDOS anecdotes > > > Some of you may find http://grc.com/dos/grcdos.htm > very interesting. > > Sean. >
|