Operating Systems > Linux and UNIX
Slackware is the target of DoS attacks.
voidmain:
quote:Originally posted by Y12:
Void: I haven't read the article, but I know that a router could handle a giant DoS attack without crashing - so why won't companies like Cisco configure things like "packet filtering" automaticlly? I mean, it's not hard to realize you're being attacked when the same packets are sent at a trillion megabits a second. . .
--- End quote ---
Actually you have it backwards. In order to stop DDoS attacks it has to be taken care of at the source, not the destination. For instance, DDoS is accomplished by rooting many computers over many different networks. At some point they are told to gang up and attack one or two specific targets. The targets are basically helpless and bandwidth is consumed over many networks.
The way to properly stop it is have all routers configured properly at all ISPs for "outgoing" traffic. Stop them at the source and not the destination. You can't really set them up by default because you have to define specific IP ranges and access-lists. They could put it into the menu configs when so when you do the "setup" command in the router it will prompt you to configure this.
Of course *everyone* must do this for it to be effective. By everyone I mean all business and ISPs should have their perimeter router(s) configured to block this sort of traffic coming from their networks. It won't prevent hackers/crackers from rooting their boxes if they are poorly set up but those boxes once rooted will not be able to participate in a DDoS attack on someone else.
[ December 20, 2002: Message edited by: void main ]
TheQuirk:
quote:Originally posted by void main:
The way to properly stop it is have all routers configured properly at all ISPs for "outgoing" traffic. Stop them at the source and not the destination. You can't really set them up by default because you have to define specific IP ranges and access-lists. They could put it into the menu configs when so when you do the "setup" command in the router it will prompt you to configure this.[ December 20, 2002: Message edited by: void main ]
--- End quote ---
If it's that easy, why the hell aren't people doing it?
voidmain:
Good question. I first read the Cisco articles right after YaHoo got blasted a couple of years ago. I think part of the reason is that most people that install routers really struggle just to get them configured to work at all, let alone add access lists. That might also explain why their servers weren't up to date and got rooted.
A lot of companies can't afford a CCIE to come in and configure their routers. And most CCIE's probably don't add these protections. They do just enough to get the routers configured to route traffic and hopefully set up secure passwords but don't account for preventing outbound DDoS attacks.
[ December 20, 2002: Message edited by: void main ]
TheQuirk:
Maybe you should write a little paper on that and submit it to various IT websites (and maybe even /.)
voidmain:
quote:Originally posted by TheQuirk:
Maybe you should write a little paper on that and submit it to various IT websites (and maybe even /.)
--- End quote ---
Bah, I quit reading /. a long time ago. It's full of M$ dweebs now. It used to be a pretty good site.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version