Re: New Internet-draft on DDOS defense...

From: Brandon Ross (no email)
Date: Fri May 12 2000 - 07:53:14 EDT

Next message: Steven M. Bellovin: "Re: New Internet-draft on DDOS defense..."
Previous message: Paul Ferguson: "Re: New Internet-draft on DDOS defense..."
Maybe in reply to: Vipul Shah: "New Internet-draft on DDOS defense..."
Next in thread: Steven M. Bellovin: "Re: New Internet-draft on DDOS defense..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Thu, 11 May 2000, Owen DeLong wrote:

> Right answer, wrong reason. The originating host will be easy to identify
> because the MAC address of the originating machine of the ECHO-REQUEST
> packets will be contained in the packets.

I have to strongly disagree, MAC addresses don't make it across router
boundaries, source IP addresses do.

Brandon Ross 404-522-5400
VP Engineering, NetRail http://www.netrail.net
AIM: BrandonNR ICQ: 2269442
Read RFC 2644!
Stop Smurf attacks! Configure your router interfaces to block directed
broadcasts. See http://www.quadrunner.com/~chuegen/smurf.cgi for details.

Next message: Steven M. Bellovin: "Re: New Internet-draft on DDOS defense..."
Previous message: Paul Ferguson: "Re: New Internet-draft on DDOS defense..."
Maybe in reply to: Vipul Shah: "New Internet-draft on DDOS defense..."
Next in thread: Steven M. Bellovin: "Re: New Internet-draft on DDOS defense..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Invaluement Anti-Spam DNSBLs