Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Cisco - ip verify unicast reverse-path

  • From: Paul Ferguson
  • Date: Mon Feb 14 20:16:56 2000

At 04:41 PM 02/14/2000 -0800, Alberto U. Begliomini wrote:

If I limit the SYN traffic to 8kbs to host 10.0.0.1 like in the example, I have
a DoS right there. Let's say the host I am CAR SYN is a web server instead,
then an attacker just need to send 8kps of SYN traffic to prevent any useful
access to my web server. Or am I missing something here?
The important thing to take away from this example is that
you have a tool to rate-limit traffic. How you set the thresholds
is an exercise for the reader.  :-)

- paul






Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.