|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: DDOS Attack Mitigation
From: John Edwards (isplist
PINNACLE.NET.AU)Date: Tue Feb 15 2000 - 18:11:57 CST
- Next message: Daniel Carosone: "NetBSD Security Advisory 1999-012"
- Previous message: Stainforth, Matthew: "Re: DDOS Attack Mitigation"
- In reply to: Alan Brown: "Re: DDOS Attack Mitigation"
- Next in thread: Chris Cappuccio: "Re: DDOS Attack Mitigation"
- Next in thread: Julien Nadeau: "Re: DDOS Attack Mitigation"
- Reply: John Edwards: "Re: DDOS Attack Mitigation"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Alan Brown wrote:
>
> On Sun, 13 Feb 2000, Darren Reed wrote:
>
> > You know if anyone was of a mind to find someone at fault over this,
> > I'd start pointing the finger at ISP's who haven't been doing this
> > due to "performance reasons".
>
> To be fair, if you do this on most terminal servers (eg, Cisco 5300, Max
> 4000), they will collapse under the load.
I maintain a number of sites running the ACC/Ericsson Tigris access
servers, which have similar processing power to the 5300. These units
have ingress filtering enabled on dialup ports by default, requiring a
trivial amount of CPU utilization to do so. Ingress filtering is really
just another routing decision, something that these kinds of boxes are
made to do all day, every day.
John Edwards
- Next message: Daniel Carosone: "NetBSD Security Advisory 1999-012"
- Previous message: Stainforth, Matthew: "Re: DDOS Attack Mitigation"
- In reply to: Alan Brown: "Re: DDOS Attack Mitigation"
- Next in thread: Chris Cappuccio: "Re: DDOS Attack Mitigation"
- Next in thread: Julien Nadeau: "Re: DDOS Attack Mitigation"
- Reply: John Edwards: "Re: DDOS Attack Mitigation"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]