Submission + - A solution for DDOS packet flooding attacks (oceanpark.com)
dgallard writes: On October 21, 2016, a DDOS attack crippled access to major Web sites including Amazon and Netflix.
PEIP (Path Enhanced IP) extends the IP protocol to enable determining the router path of packets sent to a target host. Currently, there is no information to indicate which routers a packet traversed on its way to a destination (DDOS target) enabling use of forged source IP addresses to attack the target via packet flooding.
PEIP changes all that. Rather than attempting to prevent attack packets, instead, PEIP provides a way to rate-limit all packets based on their router path to a destination. In this way, DDOS attacks can be thwarted be simply only allowing them a limited amount of bandwith.
PEIP (Path Enhanced IP) extends the IP protocol to enable determining the router path of packets sent to a target host. Currently, there is no information to indicate which routers a packet traversed on its way to a destination (DDOS target) enabling use of forged source IP addresses to attack the target via packet flooding.
PEIP changes all that. Rather than attempting to prevent attack packets, instead, PEIP provides a way to rate-limit all packets based on their router path to a destination. In this way, DDOS attacks can be thwarted be simply only allowing them a limited amount of bandwith.
