On Tue, 17 Sep 1996, Perry E. Metzger wrote:
Michael Dillon writes:
On Tue, 17 Sep 1996, Alan Hannan wrote:
Could we drop the SYN/Denial thread? It's becoming rather base.
The discussion could always be moved to the firewalls list.
I would suggest that it not be. This is actually a crisis that has to be solved by action taken by service providers working together, and does not involve conventional firewalls per se. I would say that it is therefore germane to Nanog.
If we're voting, I'd say inet-access. SYN attacks and defense are more centered on the ISP's than the backbones.
--- David Miller
Sigh. My feeling is that host-based solutions should be discussed on inet-access, but mentioned briefly also on nanog so that providers can note them to give pointers to their customers. And there probably is too much SYN-related traffic on nanog anyway. The plea has been made: You should - or you should encourage your customers to - filter garbage inbound to you from them or outbound from them to you. You should come up with a plan to nail the source of SYN attacks quickly if the trail leads to your network as the source. Avi