nanog mailing list archives
Re: FW: Re: Is there a line of defense against Distributed Reflective attacks?
From: "Christopher L. Morrow" <chris () UU NET>
Date: Sun, 19 Jan 2003 06:08:20 +0000 (GMT)
On Sat, 18 Jan 2003, Avleen Vig wrote:
On Sat, 18 Jan 2003, Christopher L. Morrow wrote:Eliminating spoofed addresses from the backbone, even if it were possible to do 100%, would not eliminate denial of service attacks. The DDoS attacksThis was precisely the point of Mr. Gill from AOL at the aforementioned NANOG meeting, I believe his quote goes something like: "The ip address used for the attack is orthogonal to the problem..." To me this makes perfect sense... People really do get stuck on the red herring of 'stopping all spoofing'. That isn't the problem, as you say below here its trivial to use owned hosts by the thousands to attack with unspoofed addresses... Rob Thomas has some good data on attacks against IRC servers and other hosts on the internet, his data last I recall was something like 80% of attacks use spoofed addresses, though more and more his tracked attacks are showing from non-spoofed hosts. He can certainly jump in and correct me though :) I can speak authoritatively from the network I work on's perspective on this issue, more and more we have seen non-spoofed attacks. There are still plenty of spoofed attacks, but frankly we prefer that as its MUCH easier to track and stop.you could partly get around this by blocking all 'SYN' packets going to your customers :-)
and we are hoping none are hosting webservers or mail servers or.... right? Oh wait! I'll just make them use my datacenters, right?? or were you not talking about the attacks?
Unless/until the kiddies start using UDP... messy.
Current thread:
- Re: FW: Re: Is there a line of defense against Distributed Reflective attacks?, (continued)
- Re: FW: Re: Is there a line of defense against Distributed Reflective attacks? Christopher L. Morrow (Jan 17)
- Re: FW: Re: Is there a line of defense against Distributed Reflective attacks? todd glassey (Jan 19)
- Message not available
- Re: FW: Re: Is there a line of defense against Distributed Reflective attacks? Daniel Senie (Jan 18)
- Re: FW: Re: Is there a line of defense against Distributed Reflective attacks? John Kristoff (Jan 18)
- Re: FW: Re: Is there a line of defense against Distributed Reflective attacks? Chris Adams (Jan 18)
- Re: FW: Re: Is there a line of defense against Distributed Reflective attacks? hc (Jan 18)
- Re: FW: Re: Is there a line of defense against Distributed Reflective attacks? John Kristoff (Jan 19)
- Re: FW: Re: Is there a line of defense against Distributed Reflective attacks? Christopher L. Morrow (Jan 17)
- Re: FW: Re: Is there a line of defense against Distributed Reflective attacks? Christopher L. Morrow (Jan 18)
- Re: FW: Re: Is there a line of defense against Distributed Reflective attacks? Rob Thomas (Jan 18)
- Re: FW: Re: Is there a line of defense against Distributed Reflective attacks? Avleen Vig (Jan 18)
- Re: FW: Re: Is there a line of defense against Distributed Reflective attacks? Christopher L. Morrow (Jan 18)
- Re: FW: Re: Is there a line of defense against Distributed Reflective attacks? Avleen Vig (Jan 19)
- Re: FW: Re: Is there a line of defense against Distributed Reflective attacks? Johannes Ullrich (Jan 19)
- Re: FW: Re: Is there a line of defense against Distributed Reflective attacks? Rob Thomas (Jan 19)
- Re: FW: Re: Is there a line of defense against Distributed Reflective attacks? Christopher L. Morrow (Jan 20)
- Re: FW: Re: Is there a line of defense against Distributed Reflective attacks? Avleen Vig (Jan 20)
- Re: FW: Re: Is there a line of defense against Distributed Reflective attacks? Jeff Workman (Jan 20)
- Re: FW: Re: Is there a line of defense against Distributed Reflective attacks? Christopher L. Morrow (Jan 20)
- Re: FW: Re: Is there a line of defense against Distributed Reflective attacks? Scott Granados (Jan 20)
- Re: FW: Re: Is there a line of defense against Distributed Reflective attacks? Avleen Vig (Jan 20)
- Re: FW: Re: Is there a line of defense against Distributed Reflective attacks? Vadim Antonov (Jan 20)