nanog mailing list archives

Re: Over a decade of DDOS--any progress yet?

From: Michael Costello <mc3401 () columbia edu>
Date: Sat, 11 Dec 2010 16:27:44 -0500

On Fri, 10 Dec 2010 15:32:10 -0500
Drew Weaver <drew.weaver () thenap com> wrote:

I should've "qualified" my question by saying "What valid application
which traverses the Internet and could be seen at the edge of a
network actually uses UDP 80?"


I'll grant that my response was a bit pedantic: there is no
legitimate reason for such traffic to leave a network.

I can't imagine there is too much Cisco NAC client for macs carrying
on over the Internet, although I have been wrong in the past.


I imagine you're right, and that any network that detects any
significant amount would be one whose first octet is a common
fourth-octet-of-a-gateway (1, 65, 129, etc).

mc

Current thread:

Re: Over a decade of DDOS--any progress yet?, (continued)
- - Re: Over a decade of DDOS--any progress yet? Dobbins, Roland (Dec 08)
  - Re: Over a decade of DDOS--any progress yet? Jeffrey Lyon (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Arturo Servin (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Dobbins, Roland (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Jack Bates (Dec 08)
    - RE: Over a decade of DDOS--any progress yet? Drew Weaver (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Jack Bates (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Jeffrey Lyon (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Michael Costello (Dec 08)
    - RE: Over a decade of DDOS--any progress yet? Drew Weaver (Dec 10)
    - Re: Over a decade of DDOS--any progress yet? Michael Costello (Dec 11)
  - Re: Over a decade of DDOS--any progress yet? Chris Boyd (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Dobbins, Roland (Dec 08)
    - RE: Over a decade of DDOS--any progress yet? Drew Weaver (Dec 10)
- Re: Over a decade of DDOS--any progress yet? alvaro.sanchez () adinet com uy (Dec 08)