Application layer DDoS attacks , in most (all?) cases require a valid TCP/IP connection, therefore are not spoofed and BCP38 is irrelevant
Sent from Steve's iPhone > On May 25, 2015, at 8:00 AM, nanog-requ...@nanog.org wrote: > > Send NANOG mailing list submissions to > nanog@nanog.org > > To subscribe or unsubscribe via the World Wide Web, visit > http://mailman.nanog.org/mailman/listinfo/nanog > or, via email, send a message with subject or body 'help' to > nanog-requ...@nanog.org > > You can reach the person managing the list at > nanog-ow...@nanog.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of NANOG digest..." > > > Today's Topics: > > 1. Re: [SECURITY] Application layer attacks/DDoS attacks > (Christopher Morrow) > 2. Re: [SECURITY] Application layer attacks/DDoS attacks > (Ramy Hashish) > 3. Re: [SECURITY] Application layer attacks/DDoS attacks (Randy Bush) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Sun, 24 May 2015 23:01:50 -0400 > From: Christopher Morrow <morrowc.li...@gmail.com> > To: jim deleskie <deles...@gmail.com> > Cc: Ramy Hashish <ramy.ihash...@gmail.com>, NANOG list > <nanog@nanog.org> > Subject: Re: [SECURITY] Application layer attacks/DDoS attacks > Message-ID: > <cal9jlayf7v-ng_1qgehthhasod6vea5vjcsjcwhs29gpcru...@mail.gmail.com> > Content-Type: text/plain; charset=UTF-8 > > On Sat, May 23, 2015 at 9:12 PM, jim deleskie <deles...@gmail.com> wrote: >>> However, the trusted network initiative might be a good approach to start >>> influencing operators to apply anti-spoofing mechanisms. > > explain how you think the 'trusted network initiative' matters in the > slightest? > > -chris > > > ------------------------------ > > Message: 2 > Date: Mon, 25 May 2015 06:48:41 +0200 > From: Ramy Hashish <ramy.ihash...@gmail.com> > To: morrowc.li...@gmail.com, nanog@nanog.org > Subject: Re: [SECURITY] Application layer attacks/DDoS attacks > Message-ID: > <caolsbot_sowhlzvrgb31nmmx5isis8rkxojupp9nynvu05d...@mail.gmail.com> > Content-Type: text/plain; charset=UTF-8 > > The idea of restricting access to a certain content during an attack on the > "trusted networks" only will make all interested ISPs be more "trusted" > > Ramy > > On Mon, May 25, 2015 at 5:01 AM, Christopher Morrow <morrowc.li...@gmail.com >> wrote: > >> On Sat, May 23, 2015 at 9:12 PM, jim deleskie <deles...@gmail.com> wrote: >>>> However, the trusted network initiative might be a good approach to >> start >>>> influencing operators to apply anti-spoofing mechanisms. >> >> explain how you think the 'trusted network initiative' matters in the >> slightest? >> >> -chris > > > ------------------------------ > > Message: 3 > Date: Mon, 25 May 2015 15:18:43 +0900 > From: Randy Bush <ra...@psg.com> > To: Ramy Hashish <ramy.ihash...@gmail.com> > Cc: North American Network Operators' Group <nanog@nanog.org> > Subject: Re: [SECURITY] Application layer attacks/DDoS attacks > Message-ID: <m2r3q5b2nw.wl%ra...@psg.com> > Content-Type: text/plain; charset=US-ASCII > >> The idea of restricting access to a certain content during an attack >> on the "trusted networks" only will make all interested ISPs be more >> "trusted" > > don't the lawyers already have enough money? > > > End of NANOG Digest, Vol 88, Issue 25 > *************************************
