On Fri, Jan 17, 2003 at 01:11:14AM -0500, David G. Andersen mooed:
> b) Ioannidis and Bellovin proposed a mechanism called "Pushback" for
> automatically establishing router-based rate limits to staunch packet
> flows during DoS attacks. [NDSS 2002, "Implementing Pushback:
> Router-Based Defense Against DDoS Attacks"]

I should have been a bit more accurate here. The proposal for pushback is actually earlier than the implementation paper I cited above:

"Controlling High Bandwidth Aggregates in the Network. Ratul Mahajan, Steven M. Bellovin, Sally Floyd, John Ioannidis, Vern Paxson, and Scott Shenker. July, 2001."

and it also included an internet-draft:

http://www.aciri.org/floyd/papers/draft-floyd-pushback-messages-00.txt

I believe that Steve Bellovin gave a talk about it at NANOG 21:

http://www.research.att.com/~smb/talks/pushback-nanog.pdf

-Dave (I'll learn not to send mail past midnight some day)

--
work: dga@lcs.mit.edu me: dga@pobox.com
MIT Laboratory for Computer Science http://www.angio.net/
I do not accept unsolicited commercial email. Do not spam me.