[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RRG] Happiness; lack thereof

To: "Xu Xiaohu" <xuxh@huawei.com>
Subject: Re: [RRG] Happiness; lack thereof
From: "William Herrin" <bill@herrin.us>
Date: Fri, 7 Mar 2008 11:36:40 -0500
Cc: "RRG Mailing List" <rrg@psg.com>
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=oMbGKAmBY/2gRYqvxAkEMSoHZqPPFoPJL4diYgHfdTnBTBH+E6EItakDc2cQ0Rl/Gnb369EaKUUROfDitCVqd3pVsDS5s2rhviv5Svm/LvOxc7Mmmqc8QkMuKhH4kjNm8Nyfufnyq675OIu055CtIK0B3LnLES+5RXROKEeHMMY=
In-reply-to: <001601c88066$ee139760$f6f1c80a@china.huawei.com>
References: <1454bf6f0803062128x7fd8719dk28319aa4c12d3d82@mail.gmail.com> <001601c88066$ee139760$f6f1c80a@china.huawei.com>

On Fri, Mar 7, 2008 at 10:21 AM, Xu Xiaohu <xuxh@huawei.com> wrote:
>  In fact, the DDoS attack risk is a common problem for almost all the
>  cache-ITR-based approaches, not just for APT.

Indeed. TRRP will have to address this by detecting the flood and
filtering packets from the sources. Its ITRs are close enough to the
network edge that the requisite amount of state it has to deal with to
do this is manageable.

In TRRP, this has the side benefit of rendering the TRRP address space
inaccessible to infested sources based on their packet-scattering
behavior. Scanning worms just won't work with TRRP. :)

Regards,
Bill Herrin

-- 
William D. Herrin                  herrin@dirtside.com  bill@herrin.us
3005 Crane Dr.                        Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004

--
to unsubscribe send a message to rrg-request@psg.com with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg

References:
- Re: [RRG] Happiness; lack thereof
  - From: "Victor Grishchenko" <victor.grishchenko@gmail.com>
- re: [RRG] Happiness; lack thereof
  - From: Xu Xiaohu <xuxh@huawei.com>

Prev by Date: [RRG] LISP PMTU & fragmentation problems
Next by Date: Re: [RRG] Happiness; lack thereof
Previous by thread: re: [RRG] Happiness; lack thereof
Next by thread: Re: [RRG] Happiness; lack thereof
Index(es):
- Date
- Thread