North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: DDOS prevention offensive.
] Discuss the effect that wide spread filtering against spoofed ] addresses would have on the current number of DDOS attacks. I performed a statistical analysis of a collection of log files from one oft-targeted site. The data therein revealed that 68% of all the naughty packets contained obviously bogon source addresses (e.g. 127/8). I wouldn't extrapolate this analysis to fit all sites. I see more than enough DoS attacks were the source is not spoofed. I do think such filtering would go a long way towards mitigating DDoS attacks. -- Rob Thomas http://www.cymru.com/~robt cmn_err(CE_PANIC, "Out of coffee...");
|