|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: DDOS attacks and Large ISPs doing NAT?
> -----Original Message----- > From: Gary E. Miller [mailto:[email protected]] > Sent: 2. m�ja 2002 20:00 > To: Mansey, Jon > Cc: [email protected] > Subject: RE: DDOS attacks and Large ISPs doing NAT? > > > > > Who says a NATed host can not be a zombie? Get the NATed > host to read an email virus. The virus then coonects to an > IRC channel that tells the zombie when to spew. recursion again. the point was just about minimizing, not about completely avoiding. for every solution you do a new exploit will be invented in a short time, no matter how great the patch is > Each phone would not spew much, but imagine you got 100M > phones to do your DDoS for you... it's not about the number of phones but about capacity of the network even if you have 1k phones on one gsm sector they still only can generate as much as the radio allows for. how many channels you suppose to be available for gprs for the whole sector? three? four? several? maybe if you're optimistic enough. i definitely would not consider gprs being a broadband service. then - there are loads of different portable device on the market now and the diversity will increase. how would you manage to load your ddos clients to all these kinds of devices? in the end you maybe will get a few % (if lucky and tricky enough) of the portables. compare it to the aggregate traffic the whole gprs network could generate (not that much) and i don't think you can talk about a ddos in scale we are used to today -- Tomas Daniska systems engineer Tronet Computer Networks Plynarenska 5, 829 75 Bratislava, Slovakia tel: +421 2 58224111, fax: +421 2 58224199 A transistor protected by a fast-acting fuse will protect the fuse by blowing first.
|