North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Few questions to the american ISPs [Re: DDOS anecdotes]
- From: Alexei Roudnev
- Date: Sat Jun 23 21:50:20 2001
But 99% of the cable/provbider customers are residential ones, and so are not
multy-home, so simple
_SRC filtering by default_ implemented by the hw vendor can help.
And notice, thet this _cable residential users_ are most affected to the hackers
because they areusially non-skilled and non-professionals, and so it's very
important to prevent hackers from abusing them at least as a source for the DDOS
(and for me the weakness of this customers looks like a great danger - they really
are very affected to be broken and abused, and (on the other hand) they make a
bridge to the more serious hacking because they have some passwords/logins on
their home sites).
----- Original Message -----
From: "Christopher A. Woodfield" <firstname.lastname@example.org>
To: "Alexei Roudnev" <alex@relcom.EU.net>
Cc: <email@example.com>; "Sean M. Doran" <firstname.lastname@example.org>
Sent: Saturday, June 23, 2001 5:56 PM
Subject: Re: Few questions to the american ISPs [Re: DDOS anecdotes]
> At a conference in late 1999, UUNet announced that they had anti-spoof
> filters in place on their dialup ports. Not that that amount to much in
> contrast to teh amount of spoofed DDOS traffic from cable providers, mind
> you...IIRC, it's the cable providers that need to put up the anti-spoofing
> filters the most.
> > - any big ISP have skilled security person available. When I worked in Russia,
> > took 10 - 15 minutes to contact your ISP and install such filters; for EUnet,
> > took 20 minutes; for TELIA, it was the same. For any amertican ISP, it took a
> > (UUnet was an exception)...
> > - all cable providers will have src address filters, so preventing src address
> > frauding.
> Christopher A. Woodfield email@example.com
> PGP Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB887618B