Home page logo
/

nanog logo nanog mailing list archives

Re: UDP port 80 DDoS attack
From: bas <kilobit () gmail com>
Date: Wed, 8 Feb 2012 14:03:19 +0100

On Wed, Feb 8, 2012 at 10:56 AM, George Bonser <gbonser () seven com> wrote:
I'll put it another way. Any provider that does not police their customer traffic has no business whining about DoS 
problems.

Most of us prevent their customers from sending out spoofed traffic.

77% of all networks seem to think so.
http://spoofer.csail.mit.edu/summary.php

However the remaining networks allow spoofed traffic to egress their networks.

When that traffic enters my network, I have no method whatsoever to
differentiate it from any other traffic.
I could ask my upstream where they see it coming from, which will be
quite hard if they do not have pretty fancy systems.
But if they receive it from a peer, I am as good as lost in trying to
find the culprit.

Bas


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]