Re: WANTED: ISPs with DDoS defense solutions

• From: Christopher L. Morrow
• Date: Tue Aug 05 21:40:16 2003

On Wed, 6 Aug 2003, Paul Vixie wrote:

>
> > More and more there is less and less spoofing, its just not required and
> > it causes more damage with less effort :( Why spoof when you have 1000
> > machines pumping 1 packet per second? (or 10)
>
> leaving the spoofing option open for future generations of attacks,
> rather than having a witch-hunt and tracking down and upgrading every
> insecure edge, is just about the worst thing we could do.  because
> when an attacker wants an extra edge, they'll add spoofing to their
> attack profile, and the core's immune system will be totally unprepared.

I don't believe I ever said that the edges shouldn't filter... did I?

• Follow-Ups:
  • Re: WANTED: ISPs with DDoS defense solutions Paul Vixie
  • Re: WANTED: ISPs with DDoS defense solutions Rob Thomas

• References:
  • Re: WANTED: ISPs with DDoS defense solutions Christopher L. Morrow
  • Re: WANTED: ISPs with DDoS defense solutions Paul Vixie

• Prev by Date: Re: testing bandwidth of big internet pipes
• Next by Date: Re: testing bandwidth of big internet pipes
• Date Index
• Thread Index
• Author Index
• Historical