Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Info on the DoS attacks.

  • From: Daniel Hagerty
  • Date: Wed Feb 09 23:55:19 2000

 > Wouldn't it be nice to know what filters to install to protect your web site
 > before it gets hit?

    Sharing information with the edge about what's happening, and what
to look for needs to happen.  Why aren't the attack destination NOCs
getting this info out?

    Three days into this, and I have *no* idea what I would be looking
for if I was the notwork manager for a large undermanaged edge site
(mmm, .edu).  "Look for a big traffic peak" just doesn't cut it; I've
got locally "more urgent" problems than watching for a blip on an
mrtg.

    Given the highly distributed nature of this attack and thought
being put into it, our lusers probably realize this and are *avoiding*
pegging invidual ingress wires excessively.

    Until large numbers of sites are educated about exactly what's
going on right now, and what they need to do their part of fixing it
(with text for linux HOWTO level of clue; what many high-bandwidth
capable sites are running w/ now), NOC staff isn't going to be
sleeping much.

    Glad it's not my problem right now.  Now, do you see the problem
in this attitude?  How many edge network managers are thinking exactly
this way?





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.