Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: BCP38 making it work, solving problems

  • From: Christopher L. Morrow
  • Date: Tue Oct 12 13:28:39 2004


On Tue, 12 Oct 2004, Bora Akyol wrote:

> Excerpt from the text quoted above:
>
>    2.3. For a DDoS attack to succeed more than once, the launch points must
>    remain anonymous.  Therefore, forged IP source addresses are used.  From
>    the victim's point of view, a DDoS attack seems to come from everywhere
>    at once, even from many IP addresses that are unallocated or otherwise
>    invalid.
>
> How many people have seen "forged" spoofed IP addresses being used
> for DOS attacks lately?

it does still happen... I've not run the numbers for our reactions to say
'50% spoofed/50% non-spoofed' but it certainly seems like 'more' are
non-spoofed lately. This could be a simple swing of the pendulum, or other
'better' things like more people egress filtering.

-Chris




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.