Comment Re:A possible approach to DDOS. Requires IPv6. (Score 1) 120
Interesting, could you clarify a few things?
First off, if the blackhole is ever-changing, what would happen if I had a static IP which was initially assigned, but later blackholed? Would my ISP need to maintain a master-list and assign me a new IP if my IP was blackholed? What if some script kiddies get a hold of the blacklist? Or instead maybe before adding an IP to the blackhole list you would query it? But then how would you tell the difference between my normal legitimate DSL machine and a freeshell exploitable box?
Second, if the router-level still needs to process packets, we're still looking at a potential DDoS flood. The packets aren't clogging you up locally, but the router has to deal with identifying and comparing source IPs. Send it a million requests a second, and the normal packets are left waiting, just like today.
I like pants!
dave