Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: UUNet Offer New Protection Against DDoS

  • From: Paul G
  • Date: Wed Mar 03 04:08:06 2004

erik,

----- Original Message ----- 
From: "Erik Haagsman" <erik@we-dare.net>
To: "Paul G" <paul@rusko.us>
Cc: "Deepak Jain" <deepak@ai.net>; "william(at)elan.net" <william@elan.net>;
"John Obi" <dalnetuzer@yahoo.com>; <nanog@merit.edu>
Sent: Wednesday, March 03, 2004 3:47 AM
Subject: Re: UUNet Offer New Protection Against DDoS


>
> On Wed, 2004-03-03 at 09:26, Paul G wrote:
> > cant speak for them, but this would be my preferred first step. next
step
> > is, of course, an attempt to filter on {source, unique characteristics,
what
> > have you} and removing the blackhole.
>
> What most people seem to forget is that neither of these steps actually
> counter the DoS...they merely make the DoS as invisible as possible to
> customers

correct. from our pov, it is gone. given that 'solving the problem' is not
always possible, this is almost as good as it gets in the real world.

> while the traffic keeps hitting the carrier in question. For
> the large carriers this is only a minor inconvenience.
> For smaller carriers or for co-location facilities/NSP's that are
> relying on not-so-clueful carriers (read: carriers not supporting any
> kind of communities with possible lack of pro-active network management
> and/or bad communications) this is a BIG problem. Even though they might
> take the heat off the targeted customer, they could be in for a rough
> ride themselves as the DoS keeps going and going.

we tend to get small ddos (a few hundred megs) that are more of an annoyance
than anything else, at least before they hit the customer-in-question 's
faste handoff.

> I haven't seen any major press-releases on actually solving the problem
> instead of hiding it... (granted...I haven't put out one either :-)

<grin>. in other news, noone has solved the perpetuum mobile problem either.
as a carrier, your job is to solve the problem for the customer. this
includes staying up afterwards.

paul





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.