Without a concomitant increase in "trustworthy", assigning greater levels of
trust is fools endeavour. Whatever this trusted network initiative is, I take
that it was designed by fools or government (the two are usually
indistinguishable) for the purpose of creating utterly untrustworthy netw
Keith,
I agree, we can't even get everyone including some LARGE ( I'll avoid
Tier's because people get stupid around that too) networks to filter
customers based on assigned netblocks.
-jim
On Mon, May 25, 2015 at 9:44 AM, Keith Medcalf wrote:
>
> Without a concomitant increase in "trustwort
On 25 May 2015, at 19:44, Keith Medcalf wrote:
Whatever this trusted network initiative is, I take that it was
designed by fools or government (the two are usually
indistinguishable) for the purpose of creating utterly untrustworthy
networks.
AFAICT, the 'Trusted Network Initiative' largel
On 25 May 2015, at 19:49, jim deleskie wrote:
I agree, we can't even get everyone including some LARGE ( I'll avoid
Tier's because people get stupid around that too) networks to filter
customers based on assigned netblocks.
Customer of my customer [of my customer, of my customer . . . ].
It
Application layer DDoS attacks , in most (all?) cases require a valid TCP/IP
connection, therefore are not spoofed and BCP38 is irrelevant
Sent from Steve's iPhone
> On May 25, 2015, at 8:00 AM, nanog-requ...@nanog.org wrote:
>
> Send NANOG mailing list submissions to
>nanog@nanog.org
>
On 25 May 2015, at 20:31, Steve via NANOG wrote:
Application layer DDoS attacks , in most (all?) cases require a valid
TCP/IP connection
DNS query-floods are a notable exception.
---
Roland Dobbins
On 5/23/15 10:23 AM, Jay Ashworth wrote:
> - Original Message -
>> From: "Dave Taht"
>
>> Two things I am curious about are 1) What is the measured benefit of
>> moving a netflix server into your local ISP network
>>
>> and 2) does anyone measure "cross town latency". If we lived in a
>>
>> Application layer DDoS attacks , in most (all?) cases require a valid
>> TCP/IP connection
> DNS query-floods are a notable exception.
may i remind you of the dns query flood i had which you helped research?
udp and tcp, from the same sources.
randy
On 26 May 2015, at 4:27, Randy Bush wrote:
may i remind you of the dns query flood i had which you helped
research?
udp and tcp, from the same sources.
Yes - we determined that the TCP-based queries were a result of RRL,
which is optimized to help with spoofed reflection/amplification
at
9 matches
Mail list logo
