28 Feb
2000
28 Feb
'00
11:31 p.m.
At 11:15 PM 02/28/2000 -0500, Richard Steenbergen wrote:
Be careful with flow when dealing with random src or random dst (for example, an attack which elicits a victim system to send replies to random destinations) attacks, or it may not help you much (as the flow cache gets max'd).
Just like they say about vitamin fortified cereals, "it's in there". The flow-switching creature features have enough functionality to trace an attacker back to its source. Yes, its painful. Yes, it has to be done in real-time. Yes, actually, it has been done before. No, there is no other real way to do it. People: Start source filtering so we can get beyond these inane discussions. - paul