Re: Is there a line of defense against Distributed Reflective attacks?
Date: Fri Jan 17 00:01:41 2003
Normally that's not very productive as they are mostly owned boxes that
will be rebuilt and reowned in days :(
I agree, keeping track of the attacks would not be very useful nor helpful.
I bet if more ISP's would implement egress filtering on their border routers,
it'd help quite a bit. Of course, egress filters don't solve the issue. But
considering most script kiddies' intelligence level is limited, it will help
at least a bit. :-) The problem with egress filtering is that it's mostly
applicable at the end tier2+ level, not at the backbones, which means a lot
of ISP's who are oblivious on what it is (or some cases where egress filter
breaks their network setup).