Agreed, especially when, if you are the defender, there are much more effective methods available, especially if you are a government entity or a large network.
There's been a discussion for some time over on NANOG that comes and goes about a "Magic Prefix" or "Magic AS" where those under DOS attack can publish address space they want null routed, so as to quench DOS at its source. The method is that you put your VICTIM space in the magic prefix, so that all traffic to it that traverses routers that are in the BGP community that has the AS, bin the traffic, making the DOS ineffective against the collateral victims that just happen to share links with the target of the DOS. While it doesn't help the actual target of the DOS; they still have to wait it out or renumber; it does reduce the collateral damage. >-----Original Message----- >From: [email protected] [mailto:[email protected]] >On Behalf Of Paul Ferguson >Sent: Wednesday, June 17, 2009 11:21 PM >To: [email protected] >Cc: [email protected] >Subject: Re: [funsec] Remote support for Iranian protestors making it >harderthem to reach the outside world? > >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >On Wed, Jun 17, 2009 at 10:59 PM, Nick FitzGerald<n...@virus- >l.demon.co.uk> >wrote: > >> [email protected] wrote: >> >>> b) DOSing people is a dumb way of arguing for democracy/free >>> speech/etc... >> >> And your evidence that the incoming (from Iran's perspective) DDoSes >> are being perpetrated by "anti-establishment" (presumably the more >pro- >> democracy/more liberal, free-speechers/etc) folk is? >> > >No evidence needed. > >Whomever is perpetrating any DoS attacks is completely unjustified, in >my >opinion, due to the unintended consequences -- and there's a lot of >them. > >Collateral damage is only one. > >The bottom line is that when people take up "digital arms" in the form >of >DoS attacks, everyone loses. > >- - ferg > >-----BEGIN PGP SIGNATURE----- >Version: PGP Desktop 9.5.3 (Build 5003) > >wj8DBQFKOdzFq1pz9mNUZTMRAo+NAKDMoIoJfp0dSB2/ehuVsewC21maGgCg+ub3 >9cgb5yikByomnNnpr8bQ/wo= >=8+CM >-----END PGP SIGNATURE----- > > > >-- >"Fergie", a.k.a. Paul Ferguson > Engineering Architecture for the Internet > fergdawgster(at)gmail.com > ferg's tech blog: http://fergdawg.blogspot.com/ >_______________________________________________ >Fun and Misc security discussion for OT posts. >https://linuxbox.org/cgi-bin/mailman/listinfo/funsec >Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
