Results 1 to 6 of 6
Thread: Interesting Anti-DoS idea.
-
06-23-2004, 04:33 PM #1Junior Guru Wannabe
- Join Date
- Sep 2003
- Location
- Kent, England
- Posts
- 72
Interesting Anti-DoS idea.
First of all, please apologize if im talking absolete rubbish, I'm currently learning the whole technical background of TCP/IP.
Anyway, dealing with clients who use servers for DoSing and the likes can be very expensive to deal with, and recieving DoS attacks obviously painful.
Now, this little random idea is probably been thought of and prehaps exists, but looking at ICMP Source Quench.
From what I can gather if a box is getting flooded by too much information it sends a Source Quench request to the server. Now blatently this isnt mantatory, since we have DoSing, but what about something which takes this and makes it mandatory, forcing the server to stop the DoS. Webhosts could write this in ToS that this measure is required on the server, and thus eliminating effective DoS attacks from the servers.
Feedback / Correcting me for such a stupid idea (if I'm making no sense) welcome .
-
06-23-2004, 04:35 PM #2Web Hosting Master
- Join Date
- Jun 2003
- Location
- UK
- Posts
- 6,616
OK I'm a bit of newbie so guessing here but taking that the source IP is forged on most DDOS then sending an ICMP Source Quench would actually be directed at an innocent bystander so prehaps you would end up DOS'ing them as well
RusRuss Foster - Industry Curmudgeon
Freelance Sysadmin for Hire - email vaserv@gmail.com
-
06-23-2004, 04:55 PM #3Junior Guru Wannabe
- Join Date
- Sep 2003
- Location
- Kent, England
- Posts
- 72
Will still help in DDoS, as the slave computers that have been comprised will unable to send the data that the master is telling it to do.
-
06-23-2004, 05:26 PM #4Web Hosting Master
- Join Date
- May 2003
- Posts
- 1,151
This would be a standard across the internet, as anyones server/home computer could become comprimised.
Datums Internet Solutions, LLC
Systems Engineering & Managed Hosting Services
Complex Hosting Consultants
-
06-23-2004, 09:06 PM #5Junior Guru
- Join Date
- Jun 2004
- Location
- Michigan, USA
- Posts
- 245
Most DDOS attacks are generated from spoofed ips so I dont think it would help that much. You would be better off implementing hardware filtering and a null routing policy
-
06-24-2004, 07:16 PM #6Junior Guru Wannabe
- Join Date
- May 2004
- Location
- India
- Posts
- 91
I agree with tekneeks . If someone flooding from 10,000 spoofed ip and 10 chillds per ip, what protection will do ? But it can bring down any server, if properly implemented. I think ipv6 have a solution for us. Waiting for that era to begin properly.
Helpdesk : Sir, you need to add 10GB space to your HD , Customer : Could you please tell where I can download that?