Slashdot Mirror

← Back to Stories (view on slashdot.org)

Pushback against DDOS Attacks

Posted by CmdrTaco on from the build-a-better-asshole-trap dept.

Huusker writes "Steven Bellovin and others at ATT Research Labs and ICIR have come up with mechanism to stop DDOS attacks. The idea is called Pushback. When the routers get flooded they consult a Unix daemon (/etc/pushbackd) to determine if they are being DDOS'ed. The routers propagate the quench packets back to the sources. The policy and propagation are separate, allowing hardware vendors to concentrate on the quench protocol while the white hats invent ever more clever DDOS detection filters for /etc/pushbackd. The authors of the paper have an initial implementation on FreeBSD."

4 of 159 comments (clear)

  1. Re:Manual RegEx? by mocktor · · Score: 3, Funny

    Nice idea but regex's have waaaay to high an overhead to filter the amount of traffic even a small DDoS produces - you'd need some kind of omnipotent distributed uberBeowulf cluster (or a million monkeys watching a zillion blinkenlights)

  2. Re:Stephen King, author, dead at 55 by kryonD · · Score: 1, Funny

    I just heard some sad news on talk radio - An Anonymous Coward was found dead in his Maine home this morning. There wasn't any more details, but athorities think he was hacked to death with a blunt spoon by author Stephen King. I'm sure everyone in the Slashdot community will be willing to provide an alibi for Stephen - even if you didn't enjoy his work, there's no denying his contributions to popular culture by killing this annoying f&#k. Truly a World icon.

    --
    I've dirtied my hands writing poetry, for the sake of seduction; that is, for the sake of a useful cause. --Dostoevsky
  3. Re:sure by Rhinobird · · Score: 1, Funny

    how come your grandfather(gf) is a girl?

    --
    If Mr. Edison had thought smarter he wouldn't sweat as much. --Nikola Tesla
  4. finally... a cure for Slashdotting... by constantnormal · · Score: 5, Funny

    in a press release by the Office of Homeland Defense, it was announced that an insidious plot by hacker terrorists had been thwarted. It seems that this subversive web site, www.slashdot.org, would trigger random DDOS attacks on targets identified on their web site. It has yet to be ascertained what their intent was, as no logical pattern has been detected. The investigation continues.

    Welcome to the Twilight Zone.
    I certainly hope the filters used to detect true DDOS attacks are effective enough to prevent this scenario.