North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Arbor Networks DoS defense product
On Wed, 15 May 2002, Rob Thomas wrote: > ] I don't think spoofing will be a problem for the landmines. Most attacks > ] (99%?) are tcp. > Hmm... Not based on my research. The most common attack capabilities in > the bots are ICMP and UDP flooders. After that, IGMP. Last, TCP. Most > of the DoS tools contain the same attack types as the bots. > On the receiving end, upwards of 80% of all the woe I track is not TCP. You miss the point of this: We are not landmining for DOSing. We are landmining to make it very dangerous for attackers to scan networks and probe hosts. -Dan -- [-] Omae no subete no kichi wa ore no mono da. [-]
|