That would come under the heading of a virus or trojan I believe. And sure there is no reason a NAT'd cell phone couldnt participate in this type of attack. The DDOS discussion is specifically referring to a "live" syn or syn/ack attack from hosts that respond to connection requests. A NAT'd cell phone wont, cant ever, respond to an unsolicited connection request. jm
-----Original Message----- From: Gary E. Miller [mailto:gem@rellim.com] Sent: Thursday, May 02, 2002 11:00 AM To: Mansey, Jon Cc: nanog@merit.edu Subject: RE: DDOS attacks and Large ISPs doing NAT?
Yo Jon!
On Thu, 2 May 2002, Mansey, Jon wrote:
To merge these 2 great threads, it is the case is it not that NAT is a great way to avoid DDOS problems. I don't even want to imagine what the billing/credit issues would be like if your always-on phone with a real IP is used as a zombie in a DDOS. "Hey I didn't use all that traffic last month....etc etc"
Who says a NATed host can not be a zombie? Get the NATed host to read an email virus. The virus then coonects to an IRC channel that tells the zombie when to spew.
Each phone would not spew much, but imagine you got 100M phones to do your DDoS for you...
RGDS GARY -------------------------------------------------------------- ------------- Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701 gem@rellim.com Tel:+1(541)382-8588 Fax: +1(541)382-8676