ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Internet SYN Flooding, spoofing attacks

2000-02-11 13:50:02
from [John Stracke] [Permanent Link] 
Bernie Volz wrote:


Regarding the recent TCP SYN Flooding attacks, why aren't ALL ISPs
required to put filtering on their networks that PREVENTS packets with
invalid source addresses ever entering their infrastructure?


That wouldn't help with the current version of the problem.  An attacker
sends out a virus or worm or something; when it's running on 10^5
machines, the attacker turns them loose on the target.  Each of the source
addresses is valid; each of the packets sent is innocuous in and of
itself.

--
/=================================================================\
|John Stracke    | http://www.ecal.com |My opinions are my own.   |
|Chief Scientist |================================================|
|eCal Corp.      |"Genius, Brain! But what if the dragon eats us?"|
|francis(_at_)ecal(_dot_)com|"That would alter our plans."                   |
\=================================================================/
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Internet SYN Flooding, spoofing attacks, Valdis . Kletnieks
Next by Date:  Re: Internet SYN Flooding, spoofing attacks, Michael H. Warfield
Previous by Thread:  Re: Internet SYN Flooding, spoofing attacks, Perry E. Metzger
Next by Thread:  Re: Internet SYN Flooding, spoofing attacks, Paul Ferguson
Indexes:  [Date] [Thread] [Top] [All Lists]