[nsp-sec] DDoS Chicken and Egg Problem

Mike Palladino mpalladino at internap.com
Thu Mar 27 10:27:50 EDT 2008 

> There are atleast 2 InterNap folks on-list perhaps they can help 
> directly?

Yes; we've engaged the right internal folks to investigate a potential 
fix, and I'll follow-up with Jason directly off-list.

Thanks,
-Mike

--------------------------------------------------------------------------
Mike Palladino, CCDP, CCNP              Internap Network Operations Center
Manager, Network Operations Center
                                         NOC: 1.877.THE.INOC
Email: mpalladino at internap.com          Email: noc at internap.com

    *The contents of this email message are confidential and proprietary*
--------------------------------------------------------------------------

On Thu, 27 Mar 2008, Chris Morrow wrote:

> ----------- nsp-security Confidential --------
>
>
>
> On Wed, 26 Mar 2008, Sean Donelan wrote:
>
>> ----------- nsp-security Confidential --------
>>
>>> To continue the other part of the thread, it would be a joy to see some
>>> kind of standard on how to manage control plane traffic.  I've seen some
>>> really good/clever ideas, but nothing that really seems to be the de
>>> facto method.
>>
>> Fred Baker has been pushing this rock up hill in the IETF for several
>> years.  There are several drafts, and maybe even an RFC or two now.
>
> so.. I think that the actual problem is mostly solved, until you do
> something wierd like drop an interface rate-limit on the interface. I
> suspect that if your rate-limit were to be removed and you slammed 2G down
> the 1G link bgp would stay up just fine... regardless of C/J platform
> (cause both manage to stick bgp down even a highly utilized interface),
> provided of course the boxes at each end of the link can actually sustain
> the packet rates of the attack :)
>
> So... I think Jason, you got stuck on a bad config :( or a config with
> un-intended consequences. There are atleast 2 InterNap folks on-list
> perhaps they can help directly?
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security counter-measures.
> _______________________________________________
>

More information about the nsp-security mailing list