Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: NANOG meeting subject of attack? Hmmmm....

  • From: robert
  • Date: Wed Feb 09 22:45:12 2000


> As Charles says, from what I've read of the CERT advisories, there is
> nothing proactive one can really do for these DDos attacks, besides
> securing machines from being hacked, correct?

A site can use anti-spoofing filters on their router/firewall (even if the ISP 
can't or won't do it on their end) to make sure that their machines don't 
forge source addresses.  This might stop any of their machines which have been 
compromised from really doing participating in the attack.  (I say "might" 
because the slave daemons don't have to forge addresses.)

Other misc. ideas are in:

http://www.cert.org/reports/dsit_workshop.pdf

(BTW, a "advisory" version of unicast RPF-type stuff would be immensely 
helpful in deploying URPF, "source validation," ingress filtering, or whatever 
you want to call it.)







Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.