North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: WANTED: ISPs with DDoS defense solutions
On Mon, 4 Aug 2003, Jack Bates wrote: > > Randy Bush wrote: > >>anti-spoofing eliminates certain avenues of attack allowing one to focus > >>on remaining avenues, and hence (as Vix stated) is necessary but not > >>sufficient. > > > > > > it turns 1% of the technical problem into a massive social business > > problem which, even if it was solvable (which it practically isn't), > > would also be addressed by technical solutions where no spoofing is > > involved. > > > Spoofed packets are harder to trace to the source than non-spoofed > packets. Knowing where a malicious packet is very important to the this is patently incorrect: www.secsup.org/Tracking/ has some information you might want to review. Tracking spoofed attacks is infact EASIER than non-spoofed attacks, especially if your network has a large 'edge'.
|