North American Network Operators Group

Re: Is there a line of defense against Distributed Reflective attacks?

  • From: David G. Andersen
  • Date: Fri Jan 17 01:32:29 2003

On Fri, Jan 17, 2003 at 01:11:14AM -0500, David G. Andersen mooed:
> 
>   b)  Ioannidis and Bellovin proposed a mechanism called "Pushback"
>       for automatically establishing router-based rate limits to
>       staunch packet flows during DoS attacks.
>       [NDSS 2002, "Implementing Pushback:  Router-Based Defense
>        Against DDoS Attacks"]

  I should have been a bit more accurate here.  The proposal for
pushback is actually earlier than the implementation paper I cited above:

  "Controlling High Bandwidth Aggregates in the Network.  Ratul Mahajan,
   Steven M. Bellovin, Sally Floyd, John Ioannidis, Vern Paxson, and Scott
   Shenker.  July, 2001."

and it also included an internet-draft:

  http://www.aciri.org/floyd/papers/draft-floyd-pushback-messages-00.txt

I believe that Steve Bellovin gave a talk about it at NANOG 21:

  http://www.research.att.com/~smb/talks/pushback-nanog.pdf

  -Dave (I'll learn not to send mail past midnight some day)

-- 
work: [email protected]                          me:  [email protected]
      MIT Laboratory for Computer Science           http://www.angio.net/
      I do not accept unsolicited commercial email.  Do not spam me.