nanog mailing list archives
Re: M$SQL cleanup incentives
From: John Kristoff <jtk () depaul edu>
Date: Fri, 21 Feb 2003 16:52:18 -0600
On Fri, 21 Feb 2003 17:25:46 -0500 William Allen Simpson <wsimpson () greendragon com> wrote:
I've been pretty disappointed with some of the responses on this issue.
Maybe you won't like this one either, but here goes. I'd be very interested in hearing how opeators feel about 'pushback'. It may make more sense near ingress edges or where there is limited aggregate capacity on the egress (a bottleneck), but debating that point is probably secondary. You can refer to some of the material, particularly by Bellovin, Floyd and others here: <http://www.icir.org/pushback/> In the simplest scenario, pushback could be similarly deployed to the way RED is deployed (if you consider that easy or useful or not, I'm not sure). Signals do not even necessarily need to propagate to upstream routers, rather anomalous traffic (based on a simple, hopefully, policy) could be dropped more aggressively. This response could be automatic or require intervention. I think there are a number interesting properties to this approach, especially since if it behaves similar as one might hope, it could still allow some valid traffic through. Hint: think about what will happen if a Slammer/Sapphire-like worm hits port 25/53/80 and cannot be easily filtered without affecting all traffic on those ports. Coming up with a policy that determines what is anomalous is one of the hard parts. Vendor implementation being another, but you can kind of do this sort of thing already if you're so inclined. Thoughts? John
Current thread:
- scripts to map IP to AS? William Allen Simpson (Feb 20)
- Re: scripts to map IP to AS? Alif The Terrible (Feb 20)
- Re: scripts to map IP to AS? Hank Nussbacher (Feb 20)
- Re: scripts to map IP to AS? Johannes Ullrich (Feb 20)
- M$SQL cleanup incentives William Allen Simpson (Feb 20)
- Re: M$SQL cleanup incentives Iljitsch van Beijnum (Feb 20)
- Re: M$SQL cleanup incentives Valdis . Kletnieks (Feb 20)
- Re: M$SQL cleanup incentives William Allen Simpson (Feb 21)
- Re: M$SQL cleanup incentives John Kristoff (Feb 21)
- Re: M$SQL cleanup incentives Randy Bush (Feb 21)
- Re: scripts to map IP to AS? Hank Nussbacher (Feb 20)
- Re: M$SQL cleanup incentives Iljitsch van Beijnum (Feb 21)
- Re: M$SQL cleanup incentives Doug Clements (Feb 22)
- Re: M$SQL cleanup incentives William Allen Simpson (Feb 22)
- Re: M$SQL cleanup incentives Doug Clements (Feb 22)
- Re: M$SQL cleanup incentives jlewis (Feb 22)
- Re: M$SQL cleanup incentives Stephen Sprunk (Feb 22)
- Re: M$SQL cleanup incentives jlewis (Feb 22)
- Re: scripts to map IP to AS? Alif The Terrible (Feb 20)
- Re: M$SQL cleanup incentives William Allen Simpson (Feb 22)
- The good old days (was Re: M$SQL cleanup incentives) Sean Donelan (Feb 24)