North American Network Operators Group
Re: New Internet-draft on DDOS defense...
- From: Vipul Shah
- Date: Thu May 11 08:14:44 2000
The solution suggested by RFC2644 is for routers only, while the proposed solution is intended for end-nodes.
If a DDoS Smurf attack is generated using local broadcast, the RFC2644 solution won't prevent the attack. Read carefully the last paragraph of Section 1 of the draft.
>>> Paul Ferguson <email@example.com> 05/11/00 05:14PM >>>
How is this substantially different than RFC2644, "Changing
the Default for Directed Broadcasts in Routers"?
At 10:13 PM 05/10/2000 -0600, Vipul Shah wrote:
>I'd like to bring your attention to a recent Internet-draft. The URL is:
>This draft proposes a specific (simple) change to RFC1122 which would
>help reduce the use of Smurf amplification in DDOS attacks. This
>augments ingress filtering; it is designed specifically for the case
>where the attacker (source) is using broadcast on the local LAN as
>part of a DDOS attack. This is a case where ingress filtering does
>We are proposing that it be an addition to the standard set by
>RFC1122. We'd very much like to hear comments from people on this draft.