Michael Batchelder wrote: > > This is OT for loganalysis, but what's your feeling about syn > cookies as the defense against dos/ddos? SYN cookies help when you're being SYN flooded. The attacks that have taken down our 50Mbit/s Internet connection have all been pings and UDP, and nothing we can do on our end help, since they came at us with a rate higher than 50Mbit/s -- the downstream is flooded no matter how much we drop on our end. What helps here is traceability and real-world law enforcement. Attempting to cure human problems with technical solutions is, as usual, a lost cause. -- Mikael Olsson, Clavister AB Storgatan 12, Box 393, SE-891 28 ÖRNSKÖLDSVIK, Sweden Phone: +46 (0)660 29 92 00 Mobile: +46 (0)70 26 222 05 Fax: +46 (0)660 122 50 WWW: http://www.clavister.com _______________________________________________ LogAnalysis mailing list LogAnalysis@private http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2b30 : Mon Nov 10 2003 - 13:34:24 PST