[nsp-sec] DDoS Chicken and Egg Problem
Jason Gardiner
gardiner at purdigital.net
Wed Mar 26 17:44:02 EDT 2008
Apparently I raised an interesting discussion topic :-D
At any rate, all of these would need to be implemented on the side doing
the policing. If we were to assume that nothing could be/would be done
on the upstream, can you think of any ways to blackhole the target IP on
upstream networks without having to call in manual intervention?
To continue the other part of the thread, it would be a joy to see some
kind of standard on how to manage control plane traffic. I've seen some
really good/clever ideas, but nothing that really seems to be the de
facto method.
Barry Greene (bgreene) wrote:
> ----------- nsp-security Confidential --------
>
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> Cisco sets BGP traffic at Prec 6. At least we did. I think Juniper did
> the same.
>
>
--
Thanks,
Jason Gardiner
$company_name Engineering
More information about the nsp-security
mailing list