On Fri, Mar 7, 2008 at 10:21 AM, Xu Xiaohu <[EMAIL PROTECTED]> wrote: > In fact, the DDoS attack risk is a common problem for almost all the > cache-ITR-based approaches, not just for APT.
Indeed. TRRP will have to address this by detecting the flood and filtering packets from the sources. Its ITRs are close enough to the network edge that the requisite amount of state it has to deal with to do this is manageable. In TRRP, this has the side benefit of rendering the TRRP address space inaccessible to infested sources based on their packet-scattering behavior. Scanning worms just won't work with TRRP. :) Regards, Bill Herrin -- William D. Herrin [EMAIL PROTECTED] [EMAIL PROTECTED] 3005 Crane Dr. Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004 -- to unsubscribe send a message to [EMAIL PROTECTED] with the word 'unsubscribe' in a single line as the message text body. archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg
