Re: Digital Island sponsors DoS attempt
Curious Chris, What IP's are they probing? LAN IPs? Or just the DNS server as they claim? And what then do these pings have to do with [quote from D.I.] "finding the nearest servers from our customers (Microsoft) to you"? What good does it do to ping to find distances, since the timing on the internet is not a constant, and neither are the pops, routes, hops...etc. This is why we use routing tables that are not constant... I really see no honest reason to be ping-probing one's LAN. And in the spirit of the internet and "good faith" behavior, a better explaination is warranted.
At 08:37 PM 10/25/2001, Christopher J. Wolff wrote:
Unfortunately, in this case I am not a customer of Digital Island in any way, nor have I given them authorization to hammer my network 441 times (and counting) in the last two hours.
They're of the opinion that they don't need your permission... if they want to hammer your network, they will.
'course, a nice ACL at the borders reminds 'em who your network actually belongs to
At 09:45 -0500 2001-10-26, Quibell, Marc wrote:
Curious Chris, What IP's are they probing? LAN IPs? Or just the DNS server as they claim?
Er, what if the DNS "server" happens to also be the host generating the query?
And what then do these pings have to do with [quote from D.I.] "finding the nearest servers from our customers (Microsoft) to you"? What good does it do to ping to find distances, since the timing on the internet is not a constant, and neither are the pops, routes, hops...etc. This is why we use routing tables that are not constant...
It's one additional measure that probably wasn't available beforehand. One could also potentially correlate with what the routing tables are suggesting to see if there's a "better" way to get content out of a different surrogate to the requesting host(s). Routing tables define reachability but aren't so hot at determining the actual performance of an end-to-end connection. If you're only interested in the packets getting there "eventually" then that's OK. If you need the packets to get there in the most optimal manner (and yes, "optimal" can mean many things) then you probably need to look at some other way to do things. --
participants (2)
-
Ian Cooper
-
Quibell, Marc