Merit Network
 Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives
North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: New Internet-draft on DDOS defense...

  • From: Owen DeLong
  • Date: Fri May 12 11:12:16 2000 

> >On Thu, 11 May 2000, Owen DeLong wrote:
> >
> >> Right answer, wrong reason.  The originating host will be easy to identify
> >> because the MAC address of the originating machine of the ECHO-REQUEST
> >> packets will be contained in the packets.
> >
> >I have to strongly disagree, MAC addresses don't make it across router
> >boundaries, source IP addresses do.
> 
> Besides, MAC addresses are quite often changeable.

Source IP's are even easier to modify than source MAC addresses.  However,
at least on a switched LAN, most switches provide some way to show the
MAC forwarding table.  As such, you can at least isolate which port
the packets are originating from.

Owen


Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.