ietf-asrg
[Top] [All Lists]

Re: [Asrg] In case anyone thought Barry was exaggerating

2003-06-27 11:48:03
Yakov Shafranovich <research(_at_)solidmatrix(_dot_)com> wrote:
Then according to you, how is spam different from a DDOS attack were 
thousands of computers start spewing packets?

  This is one part where I agree 100% with Barry: It's no different.

  Spam is a permanent DDoS attack.  Any lesser interpretation of it is
inadequate.

  Where I may differ from other people is that I believe the design
and use of SMTP is itself contributory to the *ability* and *ease* by
which this DDoS attack may be maintained.  In addition, many network
behaviours that non-spammers find useful, and which they refuse to
live without, are indistinguishable from the behaviour of spammers.
This further prevents any solution from being implemented.

If both problems are similar, then perhaps we need to look into what
methods are currently in place to block DDOS attacks and we can
reuse the same methods here for spam.

  DDoS attacks can only be prevented if the network entities mutually
cooperate to minimize the scope of the attack.  As seen here, that's
extremely difficult to do.

  A naive approach to fighting DDoS attacks is to push packet filter
rules "upstream".  There is some research on this topic, but you end
up with a network entity being asked to apply thousands or hundreds of
thousands, of filtering rules, with little perceived local benefit.

  Alan DeKok.

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg