2 Dec
1998
2 Dec
'98
10:29 p.m.
On Wed, Dec 02, 1998 at 03:57:08PM -0500, Mark R. Lindsey wrote: ==>Could traffic shaping, or similar QoS configurations, be used to solve ==>such issues in a more general way? For example, if my source of packet ==>flooding is ICMP, then I'd like to be able to dedicate as much as 1/10th ==>(e.g.) of the bandwidth of each link to ICMP. That's plenty of ICMP, but ==>it's not so much that an attack using ICMP would be effective. Sure. Check out my Smurf paper at http://www.quadrunner.com/~chuegen/smurf.html It has information on using Cisco's Committed Access Rate (CAR) feature to rate-limit traffic such as ICMP echo/echo-reply and TCP SYNs. /cah