RE: ICANN Targets DDoS Attacks
Agreed 100%, but Gov't (being run by lawyers) is well accustomed to defining what the meaning of 'is' is. If they dictate that ISPs employ "DDoS Protection", they will define what "DDoS Protection" means 'for the purposes of this policy'. -----Original Message----- From: fingers [mailto:fingers@fingers.co.za] Sent: Tuesday, October 29, 2002 10:04 AM To: H. Michael Smith, Jr. Cc: nanog@merit.edu Subject: RE: ICANN Targets DDoS Attacks
Source address verification at access layer and rate limiting icmp would be fine starts.
these are "best practices" and not "DDoS Protection" imho
Agreed 100%, but Gov't (being run by lawyers) is well accustomed to defining what the meaning of 'is' is. If they dictate that ISPs employ "DDoS Protection", they will define what "DDoS Protection" means 'for the purposes of this policy'.
ah ok the point I was trying to make is, there are steps that can be taken to mitigate/reduce the affects of DDoS. I do not believe there is any complete way to "protect against a DDoS". perhaps I'm just being pedantic. perhaps the clarity you mention would be a good thing for other areas too :)
I would point out that if we were to define it and provide the definition to the proper authorities, it would go a long way towards getting a definition that makes sense. I, (and many others here I would imagine) can help get the definition to the right ears if ya'll come up with it. iii fingers wrote:
Agreed 100%, but Gov't (being run by lawyers) is well accustomed to defining what the meaning of 'is' is. If they dictate that ISPs employ "DDoS Protection", they will define what "DDoS Protection" means 'for the purposes of this policy'.
ah ok
the point I was trying to make is, there are steps that can be taken to mitigate/reduce the affects of DDoS. I do not believe there is any complete way to "protect against a DDoS". perhaps I'm just being pedantic. perhaps the clarity you mention would be a good thing for other areas too :)
participants (3)
-
bob
-
fingers
-
H. Michael Smith, Jr.