24 Oct
2002
24 Oct
'02
4:51 p.m.
--On Thursday, October 24, 2002 04:30:20 PM -0400 "David G. Andersen" <dga@lcs.mit.edu> wrote:
Until the default behavior of most systems is to block spoofed packets, it's going to remain a problem.
I assert this is not the case. A significant percentage of DDoS attacks use legitimate source IP addresses. When there are thousands of throw-away hosts in the attack network, the difficulty of traceback and elimination remains, and so does the problem. Yes, blocking spoofed packets helps. But it is not an end-game. Kevin