Home page logo

bugtraq logo Bugtraq mailing list archives

Re: DDOS Attack Mitigation
From: avalon () COOMBS ANU EDU AU (Darren Reed)
Date: Tue, 15 Feb 2000 09:49:43 +1100

In some mail from Alan Brown, sie said:

On Sun, 13 Feb 2000, Darren Reed wrote:

You know if anyone was of a mind to find someone at fault over this,
I'd start pointing the finger at ISP's who haven't been doing this
due to "performance reasons".

To be fair, if you do this on most terminal servers (eg, Cisco 5300, Max
4000), they will collapse under the load.

i.e. poorly designed.

 They've had the ability to do it for
years and in doing so would seriously reduce the number and possibility
of "spoofing" attacks.

See above. Having enough CPU available to handle spoof filtering from
dialups adds a lot to costs and most ISPs simply can't afford to pay
more in order to be able to provide that benefit. :-(

Someone should either put a bomb under Cisco's arse and get them to
pull their finger out and deliver a cost-effective box which does
what's actually required for a `secure internet' or gather up some
venture capital and build a new box which provides the requisite
security.  It would seem that the market is potentially quite large:
replacing every Cisco dialup router in existance with a "secure one"
with at least the same performance.  How many 1000s of units do Cisco
claim to have sold ?


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]