Home page logo

nanog logo nanog mailing list archives

Re: WANTED: ISPs with DDoS defense solutions
From: "Christopher L. Morrow" <chris () UU NET>
Date: Tue, 5 Aug 2003 04:07:05 +0000 (GMT)

On Mon, 4 Aug 2003, Jack Bates wrote:

Randy Bush wrote:
anti-spoofing eliminates certain avenues of attack allowing one to focus
on remaining avenues, and hence (as Vix stated) is necessary but not

it turns 1% of the technical problem into a massive social business
problem which, even if it was solvable (which it practically isn't),
would also be addressed by technical solutions where no spoofing is

Spoofed packets are harder to trace to the source than non-spoofed
packets. Knowing where a malicious packet is very important to the

this is patently incorrect: www.secsup.org/Tracking/ has some information
you might want to review. Tracking spoofed attacks is infact EASIER than
non-spoofed attacks, especially if your network has a large 'edge'.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]