In message <v0422080cb4d099a84d13(_at_)[171(_dot_)78(_dot_)30(_dot_)107]>,
Stephen Kent writes:
Steve,
The AT&T experiences might be different, but at GTE-I, a SYN flood
was the primary attack mechanism for one major web site that we host.
Also, it is not at all clear that our network had a problem handling
the other flooded traffic (ICMP Echo Reply and UDP traffic) that was
sent to 3 other targets on our net, but the web hosts that were
targets certainly did suffer from processing the traffic.
Right. Yahoo, though, was flooded mostly by the volume. I worry about
high-volume TCP garbage sent to port 80, which you can't filter.
Steve
P.S. Nice photo and quotes in Newsweek!
Thanks.
--Steve Bellovin