On Wed, 24 Jan 2001, Bill Fumerola wrote:
allow me to channel a few unnamed large national backbones:
"Well if that's the case, then they should just turn off their DNS server, because that's obviously the cause of the attack."
Bill, don't make me smack you. The DDoS problem is endemic to the current state of hardware and software that comprises the internet.

There are _no_ good answers to DDoS, especially if the coders get smarter and start doing things like:

Introduce jitter into their DDoS source machines. Send out 20k bytes and then go quiescent for 1000*random()

Putting rate limiting and reactive flow control from the boxes attacking so they wouldn't be noticed or easily traced.

Random time intervals on which to start and stop attacks would make them almost impossible to traceback

Launch a DDoS against the peers of a major backbone, targeting their border routers .... Weak implementations and non-rate limited route processors on internet routers lead to flapping... flapping leads to dampening... dampening leads to suffering

Etc. etc.

/vijay