Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS)

  • From: Avleen Vig
  • Date: Sun Mar 07 02:08:24 2004

On Sat, Mar 06, 2004 at 06:39:21PM -0500, Sean Donelan wrote:
> Source address validation (or Cisco's term uRPF) is perhaps more widely
> deployed than people realize.  Its not 100%, but what's interesting is
> despite its use, it appears to have had very little impact on DDOS or
> lots of other bad things.

Try saying that after running a major DDoS target, with "HIT ME" your
forehead.
No offense Sean but I'd like you to back your claim up with some
impirical data first.
>From experience the majority of TCP based denial of service attacks
(which usually seem to be balanced with UDP, but ICMP is not as frequent
as it once was), use spoofed sources.

-- 
Avleen Vig
Systems Administrator
Personal: www.silverwraith.com




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.