Another example of how lack of splay allows DDOS to devastate a network. Paul Vixie's presentation on anycast F root server provided good points about splay. They need more peer points and sites, not a move from point A to point B. On Monday, May 5, 2003, at 01:58 PM, Sean Donelan wrote:
On Mon, 5 May 2003, Christopher L. Morrow wrote:
I suppose contacting upstreams for traceback and filtration isn't something they want to do??
I may not be on the correct lists to hear about the local Pakistan ISP scene, but I didn't find much technical information about what was happening.
The attacks APPEAR to be originating from India and a virus called YAHA which targets certain Pakistan government web sites, .PK top-level domain name servers and the primary Internet exchange in Pakistan. Most of the Pakistan Internet traffic is funneled through a single exchange point and official provider PTCL. Good for intelligence agencies, bad for reliability and DDOS survivability.
YAHA variants have been circulating since last June. The infected computers are inside and outside of Pakistan, and continuing to increase
So you need to solve 1. Viruses 2. Spam 3. DDOS
I suppose you could renumber/rename Pakaistan. But when the next variant of Yaha was released, it would probably just include the updated information.
One of the government ministers suggested moving some of the official sites to the colocation in the US. It might help in the short term, since the US has excess bandwidth and can absorb the attacks longer.
-- Joseph T. Klein VP/CTO and bottle washer Titania Corporation, Inc. PSTN: +1 415 462 1534 Mobile: +1 414 628 3380