nanog mailing list archives
Re: New Denial of Service Attack on Panix
From: Paul Ferguson <pferguso () cisco com>
Date: Thu, 03 Oct 1996 06:32:51 -0400
At 11:52 PM 10/2/96 -0400, Dima Volodin wrote:
I.e. a single compromised host in the "permitted prefix filter range" can cause as much trouble as the current attacks. Granted, it's a bit easier to track down a host like this, but eliminating the majority of compromisable hosts is even more difficult than global implementation of the cited document. The bitter irony is that non-implementation of this draft will most probably corelate with presence of compromisable hosts.
Well, that's true, but it's a different facet of the same problem. The draft only attempts to solve what it is that we can solve be ingress filtering. Solutions using firewalls or proxy devices which defat this type of attack are a Good Thing, but if everyone does ingress filtering, a large percentage of this problem disappear. - paul
Thus host-(and firewall-)based solutions are at least as important as the ingress filtering. As of the evidence of these attacks - they were evident long before the current talking. Dima
- - - - - - - - - - - - - - - - -
Current thread:
- Re: New Denial of Service Attack on Panix, (continued)
- Re: New Denial of Service Attack on Panix Mike O'Dell (Oct 03)
- Re: New Denial of Service Attack on Panix Tim Bass (Oct 03)
- Re: New Denial of Service Attack on Panix Dima Volodin (Oct 03)
- SUN: Re: New Denial of Service Attack on Panix Allan Chong (Oct 03)
- Re: New Denial of Service Attack on Panix Perry E. Metzger (Oct 03)
- Re: TCP SYN attacks Ran Atkinson (Oct 03)
- Re: TCP SYN attacks Zach (Oct 03)
- Re: TCP SYN attacks Avi Freedman (Oct 03)
- Re: New Denial of Service Attack on Panix Dima Volodin (Oct 02)
- Re: New Denial of Service Attack on Panix Dima Volodin (Oct 03)
- Re: New Denial of Service Attack on Panix Dima Volodin (Oct 03)
- Re: New Denial of Service Attack on Panix Avi Freedman (Oct 03)
- Re: New Denial of Service Attack on Panix Tim Bass (Oct 03)
- Re: New Denial of Service Attack on Panix Avi Freedman (Oct 03)
- Re: New Denial of Service Attack on Panix Daniel W. McRobb (Oct 03)