Hi all, Does any ISP represented here do something to avoid spoofing? and how many do netflow? with netflow we would be able to 'some kind' trace back, at least the source network/AS of the spoofed DoS and could try to stop them. Could you have a look and see if you have some datas (since Thursday-Friday night) to destination 193.110.95.1? I could at least try to stop a part of that DoS.
Why not creating a 'neural and trusted' 3rd party which would collect all netflows summaries and for sure keep them secret. On demand, that team would seek for a specific destination IP and then would be able to trace back source networks of DoS and advise the concerned network without giving any information to the requester. DoS are growing day per day and we should do something...really... we cant continue to let the 'terrorists' play like that. FYI: http://news.zdnet.co.uk/story/0,,t269-s2103098,00.html Cheers, Pascal ---------------------------------------------- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/
