[c-nsp] Sinkhole Routing
Danny McPherson
danny at tcb.net
Fri Oct 1 11:38:09 EDT 2004
On Sep 29, 2004, at 5:48 AM, Amol Sapkal wrote:
> Hi All,
>
> A good fellow on this list suggested me 'Sinkhole Routing' as a
> solution to DoS attacks. I checked with google and it indeed seems
> promising.
> Anyone who has implemented it in their networks? I would be interested
> to do it too, as long as I dont end up investing in huge hardware.
Seems like some of the folks here are confusing blackholing
with sinkholing. Blackholing usually means you discard the
traffic at one or more points in the network, while sinkholing
typically means traffic is diverted (either to offload process
from a router, to divert to a honeynet for further analysis,
to doing some fine-grained mitigation such as via a Cisco
Guard, etc..).
Here are a couple of pointers that might get you started.
Sinkholes (and RTBHs, etc..):
http://www.nanog.org/mtg-0306/sink.html
Customer Triggered RTBHs:
http://www.nanog.org/mtg-0402/morrow.html
HTH,
-danny
More information about the cisco-nsp
mailing list