Slashdot Mirror


Pushback against DDOS Attacks

Huusker writes "Steven Bellovin and others at ATT Research Labs and ICIR have come up with a mechanism to stop DDOS attacks. The idea is called Pushback. When the routers get flooded they consult a Unix daemon (/etc/pushbackd) to determine if they are being DDOS'ed. The routers propagate the quench packets back to the sources. The policy and propagation are separate, allowing hardware vendors to concentrate on the quench protocol while the white hats invent ever more clever DDOS detection filters for /etc/pushbackd. The authors of the paper have an initial implementation on FreeBSD."

1 of 159 comments

  1. why waste energy on this instead of going ipv6? by O0o0Oblubb!O0o0O · · Score: 0, Redundant

    excuse me if I'm wrong, but my understanding of the matter was that source address spoofing etc. would be gone once ipv6 is widely used. afaik, ipv6 would prevent lots of techniques in this context, so why waste lots of energy/work on this, instead of actually getting people to switch to ipv6.

    ipv6 has been around for some time now and is implemented in every major os (both client and server). I know that the switch to ipv6 is a big task, but the way I understand it, it would also deal with a lot of problems (including to a certain extent ddos) in context with ipv4.

    please correct me if I'm wrong.