My feeling is, any attack is a bad attack. No matter what degree of redundancy you try to achieve, no matter how many peripheral links the server may have, if it is unwanted by the lusers, they'll attack it. And they're sneaky. And they're persistent. And, they tend to have access to a lot of potatos/second. It would seem that labelling it with a neon "Someone Elses Problem" sticker is the best outcome - I for one would be unhappy having too much to do with providing any network space for such a device. In any case, given the dog-in-a-manger stigma that has existed in regards to the NZ undernet server in last years, I doubt anything will ever happen, at least, not in our lifetimes. T. On Mon, 2 Apr 2001, J S Russell wrote:
On Mon, 2 Apr 2001, Tony Wicks wrote:
nope, there isn't one. We turned of Auckland because of continued dos attacks.
I'm certainly missing auckland.nz.undernet.org, as well.
Just out of interest, how were they attacking the server? It was on an APE address, and I presume you were keeping it's world-accessable IP very secret. Were the flooding dickheads simply attacking AsiaOnLine NZ networks directly, hoping to saturate your international connections and drive the server offline? Or were the DoS attacks coming from domestic sources?
There must be a way to circumvent these pesky floods, or at least route around them (and hence make them useless, which will in turn make them go away.)
Perhaps a server run by an incorporated society rather than a specific ISP, fed by bandwidth sourced from multiple interested NZ ISP's? This way it could have multiple paths out to us and eu undernet servers. Of course, it'd still have to have secret real-world IP's and again be on an APE or WIX address for domestic access.
That would be very difficult to attack, and bandwidth from each of the ISP's in question could perhaps be constrained at the international AP, limiting the effects of floods on each of the ISP's in question.
JSR
--------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
Tim J. Shackleton ------------------+ +- Business http://www.netlink.co.nz/ Networks Admin/Programmer ----------+ +- Personal http://www.netnet.net.nz/ Netlink LTD -- DDI +64 4 922 8476 --+ +------------- Pager 64 +26 253 4356 +64 29 650 476 -- Cellular ---------+ +------------------------------------ ----------------- " All your base are belong to us! " --------------------- --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog