Steven Bellovin has been doing considerable and valuable work on a method called pushback. You can find a paper on this here: http://www.research.att.com/~smb/papers/pushback-impl.pdf He is a listmember here and one of the real luminaries on IP security issues. Best regards, ==================== Geoff Zinderdine CCNP CCA MCP MTS Communications Inc. ==================== "I'd rather route than switch." ----- Original Message ----- From: "Andrew Dorsett" <zerocool@netpath.net> To: <nanog@merit.edu> Sent: Thursday, May 31, 2001 4:59 PM Subject: engineering --> ddos and flooding
Hey, this is a technical question for all of the Network Engineers/Architects on the list. Has a method been found to stop an incoming attack? Granted you can filter the packets to null on the
router,
but that doesn't stop them from coming across the wire and into the router. Has a way been devised to stop them from coming into the router; via something like a BGP update to null the packets or what? I'm concerned about a flood that is so massive coming from the core and flooding a small T1 or less.
Thanks, Andrew --- <zerocool@netpath.net> http://www.andrewsworld.net/ ICQ: 2895251 Cisco Certified Network Associate Development Assistant: Netpath/Stratonet, Inc. (http://www.netpath.net/) Email: dorsett@netpath.net
"Learn from the mistakes of others. You won't live long enough to make all of them yourself." -- Unknown "YEEEHA!!! What a CRASH!!!" -- Random System Administrator