OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: DDOS Attack Mitigation
From: Julien Nadeau (julienCSOFT.NET)
Date: Mon Feb 14 2000 - 12:44:09 CST


> You know if anyone was of a mind to find someone at fault over this,
> I'd start pointing the finger at ISP's who haven't been doing this
> due to "performance reasons". They've had the ability to do it for
> years and in doing so would seriously reduce the number and possibility
> of "spoofing" attacks.

Agreed, I myself work for an ISP which provides co-location services,
and at first most admins (with years of experience might i add), just
don't
cared much about what's going out. When I got them all to filter
outgoing
packets, traffic dropped.

A solution would be for kernels to provide an option to keep a local
IP lookup table which could be simply based on network interfaces; of
course, given an stable implementation, this option enabled by default
would take care of spoofing problems for admins who don't think much
about what they're sending out -- i mean, they're big part of the
problem.