> From: "Joel M. Halpern" <[email protected]>
> Fundamentally, if a subscriber DoS' himself, and denies himself
> service, then he hurts himself. So?
The issue is that someone _outside_ can mount a DoS attack by 'bouncing'
traffic off a machine inside the site - e.g. by sending a zillion TCP SYN
requests, from random (bogus) source addresses. Jeff also raised the
possibility of a breakin inside the site (either by breaking into a
machine, or breaking into a wireless network, etc, etc.)
On another (unrelated to your question) note: I think it's worth spending a
few cycles on this to work out if the solution(s) are purely implementation
(e.g. two-stage caches, or whatever), or if there are any protocol changes
needed. If it's just the former, it can clearly be put off 'until needed'.
Noel
_______________________________________________
lisp mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/lisp
