If you block incoming ICMP at your gateway routers, then DoS attacks should not be a possible attack. Without the target being able to send a ping back to the reflector because of ICMP filtering, DoS will fail. And if your network is the target, the reflector will not be able to attack either. As far as I know, DoS is simply ICMP floods to the whole subnet, and ICMP access lists in Cisco equipment is a piece of cake.
Just my $.02
Is DirecTV's DSL like Dishnetwork's satellite connection? I have a friend who uses this and with the 800ms to 1000ms ping times, telnet and IRC is almost impossible. His dialup connection seems much more responsive then the satellite, although the Dishetwork's throughput is near 1Mbps... Perhaps his dish is not properly configured, but I'd imagine this is normal considering the distance and method his packets have to travel.
Slashdot Mirror
If you block incoming ICMP at your gateway routers, then DoS attacks should not be a possible attack. Without the target being able to send a ping back to the reflector because of ICMP filtering, DoS will fail. And if your network is the target, the reflector will not be able to attack either. As far as I know, DoS is simply ICMP floods to the whole subnet, and ICMP access lists in Cisco equipment is a piece of cake. Just my $.02
Is DirecTV's DSL like Dishnetwork's satellite connection? I have a friend who uses this and with the 800ms to 1000ms ping times, telnet and IRC is almost impossible. His dialup connection seems much more responsive then the satellite, although the Dishetwork's throughput is near 1Mbps... Perhaps his dish is not properly configured, but I'd imagine this is normal considering the distance and method his packets have to travel.