Return-Path: <sentto-279987-1298-991817946-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Wed, 06 Jun 2001 02:00:07 -0700 (PDT) Received: (qmail 14514 invoked by uid 510); 6 Jun 2001 08:00:17 -0000 Received: from n1.groups.yahoo.com (HELO hh.egroups.com) (216.115.96.51) by 204.181.12.215 with SMTP; 6 Jun 2001 08:00:17 -0000 X-eGroups-Return: sentto-279987-1298-991817946-fc=all.net@returns.onelist.com Received: from [10.1.4.54] by hh.egroups.com with NNFMP; 06 Jun 2001 08:59:06 -0000 X-Sender: david.alexander@bookham.com X-Apparently-To: iwar@yahoogroups.com Received: (EGP: mail-7_1_3); 6 Jun 2001 08:59:05 -0000 Received: (qmail 34875 invoked from network); 6 Jun 2001 08:59:05 -0000 Received: from unknown (10.1.10.27) by l8.egroups.com with QMQP; 6 Jun 2001 08:59:05 -0000 Received: from unknown (HELO mimesweeper.bookham.com) (195.166.17.164) by mta2 with SMTP; 6 Jun 2001 08:59:04 -0000 Received: from alpha.bookham.com (unverified) by mimesweeper.bookham.com (Content Technologies SMTPRS 4.1.5) with ESMTP id <Tc0a80102a953f9900857@mimesweeper.bookham.com> for <iwar@yahoogroups.com>; Wed, 6 Jun 2001 09:54:11 +0100 Received: by alpha.bookham.com with Internet Mail Service (5.5.2650.21) id <M2C59TK1>; Wed, 6 Jun 2001 09:56:23 +0100 Message-ID: <86F477BCF025D411912F00508BACC30A02DC1588@alpha.bookham.com> To: 'iwar submissions' <iwar@yahoogroups.com> X-Mailer: Internet Mail Service (5.5.2650.21) From: David Alexander <david.alexander@bookham.com> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Wed, 6 Jun 2001 09:56:22 +0100 Reply-To: iwar@yahoogroups.com Subject: [iwar] re: DDOS attacks Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Jim >So let's see if I have captured some key points, being a non-expert and >having looked a bit at what Fred says about it( ;) ) and what I already >knew: > >Simple steps to prevent DDoS: > >- Monitor out going packets - something still not done as frequently as our >emphasis on incoming packets. > >- Maximize redundancy of availability - Like Fred does, or the Akamai >service model. > >- Test your connection load, including (money is no object) redundant >servers and load balancers, like MS did during the famed "zombie attacks" of >last year. > >Do these capture some quick and easy steps? 1. Those steps, to design IP filters, are not easy or quick unless you have a lot of knowledge in those areas. 2. By putting those filters in place you effectively reduce the functionality of your own services by closing certain doors. 3. Read the following (long, but very good) article, which explains why you cannot maintain full connectivity and service against a well-planned and technically competent DDOS attacker, no matter what you do. http://grc.com/dos/grcdos.htm Sorry. I wish it were otherwise. David Alexander M.INSTIS Global Client-Server, Communications & Infrastructure Manager Bookham Technology plc DDI: 01235 837823 Mobile: 0779 988 1284 David.Alexander@Bookham.com ======================================================================= This e-mail is intended for the person it is addressed to only. The information contained in it may be confidential and/or protected by law. If you are not the intended recipient of this message, you must not make any use of this information, or copy or show it to any person. Please contact us immediately to tell us that you have received this e-mail, and return the original to us. Any use, forwarding, printing or copying of this message is strictly prohibited. No part of this message can be considered a request for goods or services. ======================================================================= Any questions about Bookham's E-Mail service should be directed to postmaster@bookham.com. ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-06-30 21:44:15 PDT