|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Effective ways to deal with DDoS attacks?
On Wed, 1 May 2002, Pete Kruckenberg wrote: > > On Thu, 2 May 2002, Richard A Steenbergen wrote: > > >> SYN packet comes in, one of these machines responses with a > >> RST to the "source", which is actually the target of the > > > > You have an interesting situation. I think rate limiting > > outbound RSTs would be the least offensive thing you > > could do, off the top of my head. > > What about just blocking out-going RSTs altogether from our > borders? While this interferes with "proper" TCP > functionality, would it actually interfere enough to cause > noticeable problems? Would certainly be less of a burden on > routers than rate-limiting. Aren't the initial packets in the 'gibson syn amp attack' syn-ack's?
|