North American Network Operators Group

Re: DNS issues various
On Thu, Oct 24, 2002 at 04:07:18PM -0400, Richard A Steenbergen mooed:
>
> We're still working on the distributed attacks, but eventually we'll come
> up with something just as effective. If it was as easy to scan for
> networks who don't spoof filter as it is to scan for networks with open
> broadcasts, I think we'd have had that problem licked too.

Are you sure?

* A smurf attack hurts the open broadcast network as much (or more)
  than it does the victim. A DDoS attack from a large number of sites
  need not be all that harmful to any one traffic source.

* 'no ip directed broadcast', which is becoming the default behavior
  for many routers and end-systems,

  vs.

    'access-list 150 deny ip ... any'
    'access-list 150 deny ip ... any'
    ...
    'access-list 150 permit ip any any'

  (ignoring rpf, which doesn't work for everyone).

Until the default behavior of most systems is to block spoofed packets,
it's going to remain a problem.

-Dave, whose glass is half-empty this week. :)

--
work: [email protected]          me: [email protected]
MIT Laboratory for Computer Science           http://www.angio.net/
I do not accept unsolicited commercial email. Do not spam me.
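
Added example, not part of the message above or of any router's own code: a small Python model of the two filtering approaches the message contrasts, an ordered deny-then-permit access list and a strict reverse-path (rpf) check. The prefixes, interface names and routing table are constructed assumptions, since the message elides its ACL entries.

```python
import ipaddress

# Constructed data: the post elides its ACL prefixes, so these RFC 5737
# documentation ranges stand in for "our own networks" at an upstream border.
ACL_150 = [
    ("deny", "192.0.2.0/24"),
    ("deny", "198.51.100.0/24"),
    ("permit", "0.0.0.0/0"),       # 'permit ip any any'
]

# Hypothetical FIB: prefix -> interface of the best route back to it.
FIB = {
    "192.0.2.0/24": "inside",
    "198.51.100.0/24": "inside",
    "203.0.113.0/24": "inside",    # newly assigned block, ACL not yet updated
    "198.18.0.0/15": "transit-a",  # remote net whose best return path is transit-a
    "0.0.0.0/0": "transit-a",
}

def acl_action(src, acl=ACL_150):
    """First matching entry wins, as in an ordered router access list."""
    addr = ipaddress.ip_address(src)
    for action, prefix in acl:
        if addr in ipaddress.ip_network(prefix):
            return action
    return "deny"  # implicit deny at the end of the list

def rpf_action(src, in_iface, fib=FIB):
    """Strict reverse-path check: permit only if the best route to src is in_iface."""
    addr = ipaddress.ip_address(src)
    nets = [ipaddress.ip_network(p) for p in fib if addr in ipaddress.ip_network(p)]
    best = max(nets, key=lambda n: n.prefixlen)  # longest-prefix match
    return "permit" if fib[str(best)] == in_iface else "deny"

def compare(packets):
    """Return (src, in_iface, acl verdict, rpf verdict) per packet."""
    return [(s, i, acl_action(s), rpf_action(s, i)) for s, i in packets]

if __name__ == "__main__":
    for row in compare([
        ("192.0.2.7", "transit-a"),    # spoofed: our own address arriving from outside
        ("203.0.113.9", "transit-a"),  # spoofed, but the static ACL was never updated
        ("198.18.0.1", "transit-b"),   # legitimate, asymmetric path in via transit-b
    ]):
        print(*row)
```

The second packet shows the upkeep cost of a hand-maintained list (a prefix missing from the ACL is permitted), and the third shows why strict rpf "doesn't work for everyone": legitimate traffic arriving over an asymmetric path is dropped.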