Re: Effective ways to deal with DDoS attacks?
1) rate-limits aren't going to solve anything.
Um, you *could* try reading the paper.
2) I'm pretty sure most providers aren't going to let customers determine traffic engineering methods on their networks
See the above. This is not something done by the customers (well they could, but that's not the main idea).
3) if this is NOT done in a secure manner I bet I can make www.whitehouse.com disappear... :)
Could be we thought of that too! Vern
Date: Tue, 07 May 2002 14:50:47 -0700 From: vern@ee.lbl.gov
2) I'm pretty sure most providers aren't going to let customers determine traffic engineering methods on their networks
See the above. This is not something done by the customers (well they could, but that's not the main idea).
I nominate the trust chain model. Sort of like BGP. If I speak bad BGP, chances are that higher powers will edit filter-lists and distribute-lists, and I'll have "set community kick-me" on my back for the next three years. ;-) Granted, BGP isn't foolproof. We all can recall some rather, uh, messy BGP screwups that caused widespread problems. But by and large, it works rather well. -- Eddy Brotsman & Dreger, Inc. - EverQuick Internet Division Phone: +1 (316) 794-8922 Wichita/(Inter)national Phone: +1 (785) 865-5885 Lawrence ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Date: Mon, 21 May 2001 11:23:58 +0000 (GMT) From: A Trap <blacklist@brics.com> To: blacklist@brics.com Subject: Please ignore this portion of my mail signature. These last few lines are a trap for address-harvesting spambots. Do NOT send mail to <blacklist@brics.com>, or you are likely to be blocked.
participants (2)
-
E.B. Dreger
-
vern@ee.lbl.gov