-----BEGIN PGP SIGNED MESSAGE-----
- --On Sunday, November 24, 2002 22:42:02 +0100 John Angelmo
<[log in to unmask]> wrote:
> After reading the latest NPN http://www.isoc-se.a.se/natnytt/NpN51.html
> One thing that was intresting to read about DoS attacks.
> What I'm wondering now if ISPs could help their customers with guides
> how to block DoS attacks, it would be an easy/cheap way to protect
> ISPs/customers against attacks or are there to much politics involved?
Unfortunately, no, there are no simple solutions. Most measures you can
make mainly protect others from mishaps in your network -- which of course
should not stop you from doin. Obvious short list would probably be:
* Secure your systems so that they are less likely to be taken and
used as attack nodes.
* Make sure your networks filter out spoofed packets coming from
"inside" -- only your own or customer addresses should be in the
source field of packets leaving your border router outbound.
* Watch your lines and your interfaces for unusual trends.
Investigate and follow up.
* Make certain you read your abuse mailbox.
Måns Nilsson Systems Specialist
+46 70 681 7204 KTHNOC MN1334-RIPE
We're sysadmins. To us, data is a protocol-overhead.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (OpenBSD)
-----END PGP SIGNATURE-----