Pushback against DDOS Attacks
Huusker writes "Steven Bellovin and others at ATT Research Labs and ICIR have come up with mechanism to stop DDOS attacks. The idea is called Pushback. When the routers get flooded they consult a Unix daemon (/etc/pushbackd) to determine if they are being DDOS'ed. The routers propagate the quench packets back to the sources. The policy and propagation are separate, allowing hardware vendors to concentrate on the quench protocol while the white hats invent ever more clever DDOS detection filters for /etc/pushbackd. The authors of the paper have an initial implementation
on FreeBSD."
Who gives a fat fuck? *BSD is dying (Score:-1, Troll)
by Anonymous Coward on Tuesday October 22, @02:56PM (#4506374)
It is official; Netcraft now confirms: *BSD is dying
One more crippling bombshell hit the already beleaguered *BSD community when IDC confirmed that *BSD market share has dropped yet again, now down to less than a fraction of 1 percent of all servers. Coming on the heels of a recent Netcraft survey which plainly states that *BSD has lost more market share, this news serves to reinforce what we've known all along. *BSD is collapsing in complete disarray, as fittingly exemplified by failing dead last [samag.com] in the recent Sys Admin comprehensive networking test.
You don't need to be a Kreskin [amazingkreskin.com] to predict *BSD's future. The hand writing is on the wall: *BSD faces a bleak future. In fact there won't be any future at all for *BSD because *BSD is dying. Things are looking very bad for *BSD. As many of us are already aware, *BSD continues to lose market share. Red ink flows like a river of blood.
FreeBSD is the most endangered of them all, having lost 93% of its core developers. The sudden and unpleasant departures of long time FreeBSD developers Jordan Hubbard and Mike Smith only serve to underscore the point more clearly. There can no longer be any doubt: FreeBSD is dying.
Let's keep to the facts and look at the numbers.
OpenBSD leader Theo states that there are 7000 users of OpenBSD. How many users of NetBSD are there? Let's see. The number of OpenBSD versus NetBSD posts on Usenet is roughly in ratio of 5 to 1. Therefore there are about 7000/5 = 1400 NetBSD users. BSD/OS posts on Usenet are about half of the volume of NetBSD posts. Therefore there are about 700 users of BSD/OS. A recent article put FreeBSD at about 80 percent of the *BSD market. Therefore there are (7000+1400+700)*4 = 36400 FreeBSD users. This is consistent with the number of FreeBSD Usenet posts.
Due to the troubles of Walnut Creek, abysmal sales and so on, FreeBSD went out of business and was taken over by BSDI who sell another troubled OS. Now BSDI is also dead, its corpse turned over to yet another charnel house.
All major surveys show that *BSD has steadily declined in market share. *BSD is very sick and its long term survival prospects are very dim. If *BSD is to survive at all it will be among OS dilettante dabblers. *BSD continues to decay. Nothing short of a miracle could save it at this point in time. For all practical purposes, *BSD is dead.
Fact: *BSD is dying
[ Reply to This | Parent ]
Re:Who gives a fat fuck? *BSD is dying by Palshife (Score:-1) Tuesday October 22, @04:42PM
Re:Who gives a fat fuck? *BSD is dying by Anonymous Coward (Score:-1) Wednesday October 23, @12:28AM
FreeS/WAN and Linux (Score:0, Offtopic)
by FattMattP on Tuesday October 22, @03:14PM (#4506587)
(User #86246 Info | http://www.openpatents.org/)
When the hell is FreeS/WAN [freeswan.org] going to be merged into Linux?
[ Reply to This | Parent ]
Re:FreeS/WAN and Linux Tuesday October 22, @05:47PM
Re:FreeS/WAN and Linux Tuesday October 22, @07:06PM
Re:FreeS/WAN and Linux Tuesday October 22, @07:16PM
Re:FreeS/WAN and Linux Tuesday October 22, @07:26PM
Re:FreeS/WAN and Linux by Secure42 (Score:1) Tuesday October 22, @08:11PM
Re:FreeS/WAN and Linux by FattMattP (Score:1) Tuesday October 22, @10:02PM
Re:FreeS/WAN and Linux Thursday October 24, @07
excuse me if I'm wrong, but my understanding of the matter was, that source address spoofing etc. would be gone, once ipv6 is widely used. asfaik, ipv6 would prevent lots of techniques in this context, so why waste lots of emergy/work on this, instead of actually getting people to switch to ipv6.
ipv6 has been around for some time now and is implemented in every major os (both client and server). I know that the switch to ipv6 is a big task, but the way I understand it, it would also deal with a lot of problems (including to a certain extent ddos) in context with ipv4.
please correct me if I'm wrong.