North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Source address validation (was Re: UUNet Offer New Protection
- From: Paul Vixie
- Date: Sun Mar 07 02:33:47 2004
firstname.lastname@example.org (Sean Donelan) writes:
> > Try saying that after running a major DDoS target, with "HIT ME" your
> > forehead. No offense Sean but I'd like you to back your claim up with
> > some impirical data first.
> Has the number of DDOS attacks increased or decreased in the last few
> years has uRPF has become more widely deployed?
the number of spoofed-source attacks is down only-slightly.
> Do you have any evidence the number of attacks are decreasing?
the overall number of attacks and their volume seems to be decreasing
ever-so-slightly, but the ferocity of the attacks that come through seems
to be increasing more-than-slightly.
and, when defending against one of these, every valid source address is
worth its figurative weight in gold, and constitutes a minor compromise
for the attacker, even if the host it helps to identify is disposable,
easily replaced, and difficult to repair.
[ of course, sean, i could just be making that part up. but since i keep
saying it and since i get attacked pretty frequently, i might be telling
the truth. it could be worth assuming a little credibility and seeing
where that leads you. (but, we digress.) ]