From owner-freebsd-net Mon Jan 13 6:24: 8 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5EF4C37B401 for ; Mon, 13 Jan 2003 06:24:07 -0800 (PST) Received: from overlord.e-gerbil.net (e-gerbil.net [64.186.142.66]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9E92E43E4A for ; Mon, 13 Jan 2003 06:24:06 -0800 (PST) (envelope-from ras@overlord.e-gerbil.net) Received: from overlord.e-gerbil.net (ras@localhost.globali.net [127.0.0.1]) by overlord.e-gerbil.net (8.12.6/8.12.6) with ESMTP id h0DENuTg048950; Mon, 13 Jan 2003 09:23:56 -0500 (EST) (envelope-from ras@overlord.e-gerbil.net) Received: (from ras@localhost) by overlord.e-gerbil.net (8.12.6/8.12.6/Submit) id h0DENosb048949; Mon, 13 Jan 2003 09:23:50 -0500 (EST) (envelope-from ras) Date: Mon, 13 Jan 2003 09:23:50 -0500 From: Richard A Steenbergen To: "."@babolo.ru Cc: Josh Brooks , Jess Kitchen , freebsd-net@FreeBSD.ORG Subject: Re: What is my next step as a script kiddie ? (DDoS) Message-ID: <20030113142350.GI78231@overlord.e-gerbil.net> References: <20030111221206.GF78231@overlord.e-gerbil.net> <1042331596.782866.69020.nullmailer@cicuta.babolo.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1042331596.782866.69020.nullmailer@cicuta.babolo.ru> User-Agent: Mutt/1.5.1i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sun, Jan 12, 2003 at 03:33:16AM +0300, .@babolo.ru wrote: > > much less CPU and plenty of places to strike. Protecting your network > > infrastructure is certainly the next place to go after you protect your > > high-target hosts. > > > > For some examples, see http://www.e-gerbil.net/ras/projects/dos/dos.txt > remember disposition: > small net(s) connected via low band (less then 10M) > link to one upstream. Obviously if you have a low speed connection, your pipe will fill before the hosts or routers ever have a chance to fall over (unless you have a REALLY low end router :P). But if the point of this discussion is to protect the hosts from falling over, then the network must be able to deliver a sufficiently large attack. And nothing sucks quite like watching a GSR fall over under a 20Mbit SYN flood. :) -- Richard A Steenbergen http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message