Re: DoS attacks, NSPs unresponsiveness

[dies <dies () pulltheplug com>]

Hmmm...

This would
> > prevent one from actually attacking from a network participating in
this
> > BGP session.

That is from my email...It stops the attack from happening...It will not
stop the attack if it is ongoing...Was there some confusion in how I
stated that?



On Fri, 3 Nov 2000, John Payne wrote:

> On Thu, Nov 02, 2000 at 10:29:51PM -0500, dies wrote:
> >     This topic is continously covered (as you can tell) so I'm not
> > sure where to go from here.  I've been looking into starting a BGP speaker
> > that announces the top 4000 smurf amplifiers from my list and the top 2000
> > from netscan, which in turn can be pushed to null0 or discard.  This would
> > prevent one from actually attacking from a network participating in this
> > BGP session.  I've tested it and it's working on a couple smaller ISPs as
> > we speak.  My major problem is getting some Tier-1's to go for
> > it...Anyways I guess larger attacks than last Feb. will have to happen to
> > get something done?  Let's hope not...
>
> Oh, do tell... how does the fact that you null route smurf amps stop those
> amps attacking you?
>
> -- 
> John Payne      http://www.sackheads.org/jpayne/    john () sackheads org
> http://www.sackheads.org/uce/                    Fax: +44 870 0547954
>         To send me mail, use the address in the From: header