Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Few questions to the american ISPs [Re: DDOS anecdotes]

  • From: Alexei Roudnev
  • Date: Sat Jun 23 21:50:20 2001

Yes.

But 99% of the cable/provbider customers are residential ones, and so are not
multy-home, so simple
_SRC filtering by default_ implemented by the hw vendor can help.

And notice, thet this _cable residential users_ are most affected to the hackers
because they areusially non-skilled and non-professionals, and so it's very
important to prevent hackers from abusing them at least as a source for the DDOS
attacks.

(and for me the weakness of this customers looks like a great danger - they really
are very affected to be broken and abused, and (on the other hand) they make a
bridge to the more serious hacking because they have some passwords/logins on
their home sites).

----- Original Message -----
From: "Christopher A. Woodfield" <rekoil@semihuman.com>
To: "Alexei Roudnev" <alex@relcom.EU.net>
Cc: <nanog@merit.edu>; "Sean M. Doran" <smd@clock.org>
Sent: Saturday, June 23, 2001 5:56 PM
Subject: Re: Few questions to the american ISPs [Re: DDOS anecdotes]


> At a conference in late 1999, UUNet announced that they had anti-spoof
> filters in place on their dialup ports. Not that that amount to much in
> contrast to teh amount of spoofed DDOS traffic from cable providers, mind
> you...IIRC, it's the cable providers that need to put up the anti-spoofing
> filters the most.
>
> -C
>
> > - any big ISP have skilled security person available. When I worked in Russia,
it
> > took 10 - 15 minutes to contact your ISP and install such filters; for EUnet,
it
> > took 20 minutes; for TELIA, it was the same. For any amertican ISP, it took a
week
> > (UUnet was an exception)...
> > - all cable providers will have src address filters, so preventing src address
> > frauding.
> >
>
> --
> ---------------------------
> Christopher A. Woodfield rekoil@semihuman.com
>
> PGP Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB887618B
>





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.