Merit Network
 Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives
North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: New Internet-draft on DDOS defense...

  • From: Vipul Shah
  • Date: Thu May 11 08:14:44 2000 
The solution suggested by RFC2644 is for routers only, while the proposed solution is intended for end-nodes.

If DDoS Smurf attack is generated using local broadcast, RFC2644 solution won't prevent the attack. Read carefully the last paragraph of Section 1 of the draft.

Vipul


>>> Paul Ferguson <ferguson@cisco.com> 05/11/00 05:14PM >>>
How is this substantially different than RFC2644, "Changing
the Default for Directed Broadcasts in Routers"?

  http://www.ietf.org/rfc/rfc2644.txt 

- paul


At 10:13 PM 05/10/2000 -0600, Vipul Shah wrote:


>Hi All,
>
>I'd like to bring your attention to a recent Internet-draft.  The URL is:
>
>http://www.ietf.org/internet-drafts/draft-vshah-ddos-smurf-00.txt 
>
>This draft proposes a specific (simple) change to RFC1122 which would
>help reduce the use of Smurf amplification in DDOS attacks.  This is
>augments ingress filtering; it is designed specifically for the case
>where the attacker (source) is using broadcast on the local LAN as
>part of a DDOS attack.  This is a case where ingress filtering does
>not help.
>
>We are proposing that it be an addition to the standard set by
>RFC1122.  We'd very much like to hear comments from people on this draft.
>
>Vipul
>
>


Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.