North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: DNS issues various
- From: Kevin Houle
- Date: Thu Oct 24 16:54:08 2002
--On Thursday, October 24, 2002 04:30:20 PM -0400 "David G. Andersen"
<dga@lcs.mit.edu> wrote:
Until the default behavior of most systems is to block spoofed packets,
it's going to remain a problem.
I assert this is not the case. A significant percentage of DDoS attacks use
legitimate source IP addresses. When there are thousands of throw-away hosts
in the attack network, the difficulty of traceback and elimination remains,
and so does the problem.
Yes, blocking spoofed packets helps. But it is not an end-game.
Kevin
|
