[j-nsp] (d)DoS handling

From: Dmitri Kalintsev (dek@hades.uz)
Date: Thu Apr 05 2001 - 21:27:13 EDT

Next message: Bradley Dunn: "Re: [j-nsp] (d)DoS handling"
Previous message: Dave Katz: "Ping VRRP virtual IP address"
Next in thread: Bradley Dunn: "Re: [j-nsp] (d)DoS handling"
Reply: Bradley Dunn: "Re: [j-nsp] (d)DoS handling"
Maybe reply: sean capshaw: "Re: [j-nsp] (d)DoS handling"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]

I've heard rumors that JunOS has some sort of knobs for handling (d)DoS,
such as packet floods with spoofed source, etc (we all know them all too
well). Is there such thing, and if there is then what IS it and how exactly
it works?

(I am well aware that currently nothing radical can be done to prevent
those, besides constant customer and provider education about usefulness of
source address forging prevention techniques and dropping IP space under
attack from global BGP tables, when it is possible. *yech*).

Thanks,

-- 
 CCNP, CCDP (R&S)                          Dmitri E. Kalintsev
 CDPlayer@irc               Network Architect @ connect.com.au
 dek @ connect.com.au     phone: +61 39 674 3913 fax: 251 3666
 http://-UNAVAIL-         UIN:7150410    cell: +61 41 335 1634

Next message: Bradley Dunn: "Re: [j-nsp] (d)DoS handling"
Previous message: Dave Katz: "Ping VRRP virtual IP address"
Next in thread: Bradley Dunn: "Re: [j-nsp] (d)DoS handling"
Reply: Bradley Dunn: "Re: [j-nsp] (d)DoS handling"
Maybe reply: sean capshaw: "Re: [j-nsp] (d)DoS handling"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2b29 : Mon Aug 05 2002 - 10:42:42 EDT