North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: [Re: Which Part(s) Failed in the recent DOS Attacks?]
- From: Joe Shaw
- Date: Thu Feb 10 00:46:39 2000
On 9 Feb 2000, Toplez Razer wrote:
> Firewall-1 has the SynDefender and Cisco IOS 12.0 has TCP Intercept for
> stopping TCP DOS. Could these features stop massive TCP DOS attacks?
Both could possibly help, but when you're dealing with 800Mbps, which is
how much traffic was reported in the Yahoo DoS, filters don't matter. The
problem is, you fill up the pipes and it doesn't matter that the router or
the firewall drops the packets because legitimate traffic can't get
through. If the attacks were smaller directed attacks you'd have a better
chance of defending yourself, but with these new DDoS attacks it makes it
next to impossible unless you're a Tier1 or your Tier1 will actively
filter. That's what makes them so devestating right now.
Joseph W. Shaw - email@example.com
Computer Security Consultant and Programmer
Free UNIX advocate - "I hack, therefore I am."