is any active working group persuing this matter seriously? -rgds Alok ----- Original Message ----- From: alok <alok.dube@apara.com> To: <cjclark@alum.mit.edu>; <Valdis.Kletnieks@vt.edu> Sent: Saturday, November 02, 2002 4:26 AM Subject: Re: ICANN Targets DDoS Attacks
The first, dropping broadcasts destined to your customers, is possibly doable, but not trivial.
------> IGP learnt networks .. a small tweaky bit which learns broadcast addresses via the networks in the IGP wud help (again summarization wud make it bad)
The second, catching all broadcasts coming in, out, or just passing through, is pretty much impossible.
-----> a very small percentage cud be blocked if u were willing to link this to BGP learnt networks..at least those are "complete networks", not subnetted.... ofcourse its a very small portion, mebbe u cud ask guys to send more specific BGP routes from now.... -A