Trace and Stop Attacks. Figure out which machines attacks come from Go to those machines (or near them) and stop the attacks Tracing is trivial if IP source addresses aren’t spoofed Tracing may be possible even if they are spoofed
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
In multiple places?
In the network core?
Near the source?
Near the target?
1”Controlling high bandwidth aggregates in the network,” Mahajan, Bellovin, Floyd, Paxson, Shenker, ACM CCR, July 2002
1“Practical network support for IP Traceback,” Savage, Wetherall, Karlin, Anderson, ACM SIGCOMM 2000
1“Attacking DDoS at the source,” Mirkovic, Prier, Reiher, ICNP 2002
1“NetBouncer: Client-legitimacy-based High-performance DDoS Filtering,” Thomas, Mark, Johnson. Croall, DISCEX 2003