Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: [Re: Which Part(s) Failed in the recent DOS Attacks?]

  • From: Joe Shaw
  • Date: Thu Feb 10 00:46:39 2000


On 9 Feb 2000, Toplez Razer wrote:

> Joe,
> Firewall-1 has the SynDefender and Cisco IOS 12.0 has TCP Intercept for
> stopping TCP DOS.  Could these features stop massive TCP DOS attacks?

Both could possibly help, but when you're dealing with 800Mbps, which is
how much traffic was reported in the Yahoo DoS, filters don't matter.  The
problem is, you fill up the pipes and it doesn't matter that the router or
the firewall drops the packets because legitimate traffic can't get
through.  If the attacks were smaller directed attacks you'd have a better
chance of defending yourself, but with these new DDoS attacks it makes it
next to impossible unless you're a Tier1 or your Tier1 will actively
filter.  That's what makes them so devestating right now.

--
Joseph W. Shaw - jshaw@insync.net
Computer Security Consultant and Programmer   
Free UNIX advocate - "I hack, therefore I am."






Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.