At 03:45 PM 02/11/2000 -0500, John Stracke wrote: > > Regarding the recent TCP SYN Flooding attacks, why aren't ALL ISPs > > required to put filtering on their networks that PREVENTS packets with > > invalid source addresses ever entering their infrastructure? > >That wouldn't help with the current version of the problem. An attacker >sends out a virus or worm or something; when it's running on 10^5 >machines, the attacker turns them loose on the target. Each of the source >addresses is valid; each of the packets sent is innocuous in and of >itself. Yes, it would certainly help. It would allow the attacks to be traced back to the zombies (in the case of these DDoS attacks), and the perpetrators to be traced back and identified. - paul
- Re: Internet SYN Flooding, spoofing attacks Paul Ferguson
- Re: Internet SYN Flooding, spoofing attack... Valdis . Kletnieks
- Re: Internet SYN Flooding, spoofing at... Daniel Senie
- Re: Internet SYN Flooding, spoofing attack... Donald E. Eastlake 3rd
- Re: Internet SYN Flooding, spoofing at... Robert Elz
- Re: Internet SYN Flooding, spoofin... Charles E. Perkins
- Re: Internet SYN Flooding, sp... Paul Ferguson
- Re: Internet SYN Flooding, sp... Daniel Senie
- Re: Internet SYN Flooding, spoofing attacks Perry E. Metzger
- Re: Internet SYN Flooding, spoofing attacks John Stracke
- Re: Internet SYN Flooding, spoofing attacks Paul Ferguson
- Re: Internet SYN Flooding, spoofing attack... Vijay Gill
- Re: Internet SYN Flooding, spoofing at... Paul Ferguson
- Re: Internet SYN Flooding, spoofin... Vijay Gill
- Re: Internet SYN Flooding, sp... Paul Ferguson
- Re: Internet SYN Flooding... Mark Prior
- Re: Internet SYN Flooding, spoofin... Valdis . Kletnieks
- Re: Internet SYN Flooding, sp... Paul Ferguson
- Re: Internet SYN Flooding, spoofin... Mark Prior
- Re: Internet SYN Flooding, spoofing attacks Michael H. Warfield
- Re: Internet SYN Flooding, spoofing attacks Steven M. Bellovin
