In short, the entire DPI debate is starting to go on similar lines, and flogging similar horses, as the gun control debate Yes, dpi has great, useful applications (ddos mitigation and other security, for example). And it has bad / harmful applications (dictatorships doing dpi to catch political dissent). That says a lot more about inappropriate / appropriate use of dpi rather than dpi itself. Nothing at all in DPI that makes it wrong, deeply evil etc. -srs On Mon, Mar 2, 2009 at 6:47 AM, Roland Dobbins <rdobbins@cisco.com> wrote:
On Mar 2, 2009, at 9:10 AM, Roland Dobbins wrote:
With regards to DDoS mitigation, it's sometimes necessary to go above layers-3/-4 in the event of layer-7-targeted attacks.
In fact, it's sometimes important to have the ability to parse packet payloads and/or interact with traffic in some layer-3/layer-4 attacks, depending upon the type of traffic, source distribution, legitimate proxy intermediaries, spoofed vs. non-spoofed, and so forth.
----------------------------------------------------------------------- Roland Dobbins <rdobbins@cisco.com> // +852.9133.2844 mobile
Some things are just too precious to entrust to computers.
-- Seth Hanford
-- Suresh Ramasubramanian (ops.lists@gmail.com)