Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Is there a line of defense against Distributed Reflective attacks?

  • From: Travis Pugh
  • Date: Fri Jan 17 00:28:58 2003

According to hc <haesu@towardex.com>


> Of course, egress filters don't
> solve the issue. But considering most script kiddies' intelligence
level
> is limited, it will help at least a bit. :-) The problem with egress
> filtering is that it's mostly applicable at the end tier2+ level,
not at
> the backbones, which means a lot of ISP's who are oblivious on what
it
> is (or some cases where egress filter breaks their network setup).

On the subject of "help a bit", if service providers were to require,
by default, either an egress filter (correctly configured) on the CPE
router or an ingress filter on their own customer aggregation router
it might do some good ...

Cheers.

-travis

>
> -hc
>





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.