North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Few questions to the american ISPs [Re: DDOS anecdotes]
Yes. But 99% of the cable/provbider customers are residential ones, and so are not multy-home, so simple _SRC filtering by default_ implemented by the hw vendor can help. And notice, thet this _cable residential users_ are most affected to the hackers because they areusially non-skilled and non-professionals, and so it's very important to prevent hackers from abusing them at least as a source for the DDOS attacks. (and for me the weakness of this customers looks like a great danger - they really are very affected to be broken and abused, and (on the other hand) they make a bridge to the more serious hacking because they have some passwords/logins on their home sites). ----- Original Message ----- From: "Christopher A. Woodfield" <[email protected]> To: "Alexei Roudnev" <[email protected]> Cc: <[email protected]>; "Sean M. Doran" <[email protected]> Sent: Saturday, June 23, 2001 5:56 PM Subject: Re: Few questions to the american ISPs [Re: DDOS anecdotes] > At a conference in late 1999, UUNet announced that they had anti-spoof > filters in place on their dialup ports. Not that that amount to much in > contrast to teh amount of spoofed DDOS traffic from cable providers, mind > you...IIRC, it's the cable providers that need to put up the anti-spoofing > filters the most. > > -C > > > - any big ISP have skilled security person available. When I worked in Russia, it > > took 10 - 15 minutes to contact your ISP and install such filters; for EUnet, it > > took 20 minutes; for TELIA, it was the same. For any amertican ISP, it took a week > > (UUnet was an exception)... > > - all cable providers will have src address filters, so preventing src address > > frauding. > > > > -- > --------------------------- > Christopher A. Woodfield [email protected] > > PGP Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB887618B >
|