[e2e] fault apportionmant and mitigation

Jon Crowcroft Jon.Crowcroft at cl.cam.ac.uk
Thu May 17 23:40:42 PDT 2007 

so what might be interesting would be to hear about
DDoS mitgation and detecting sources  of ddos (note some dos mitgation doesnt
require one to detect/isolate and take down sources - some ISPs have told us (in
the CRN DoS working group) that they dont care so much about dos traffic traversing their
net (particulalry ones with now actual servers attached:), as others - 

some questiosn though:
botnets - 
i) are they clusteed on certain ISPs/ ASs and 

ii) do they tend to come from
mostly homgenous sets of users/machines? (e.g. large pools of machines in big
businesses like insurance companies who leave 10s of 1000s of systems up at night
and dont run much in the way of security update, or is it loads of mom&pop home
windows 98 systems:)

iii) how often are attacks sources from Big Fast small numebrs (even 1) machine
on a GigE or 10GigE?

iv) dos target : is it mainly server or is it as often topological attacks?

v) ditto scanning

vi) when ISPs shut things down near a source, what is th sequence of take down
actions (detect/inform/warn/blackhole etc etc) and what are the costs of false
positive

vii) how often is source spoofing an issue (e.g. would loose source routing make
it worse much really?:-)

on triffic engineering (I'm sure all ISPs are triffic at engineering:):
a) how do ISPs engineer customer/provider relationships?
b) what are economics in customer/provider bills of not meeting SLAs?
c) what would make BGP failover work fast enough to not break VOIP, IPTV, etc?

on mythology:
XVII) what are the similarities between Marvel Comic and Homeric heroes?
XVIII) are the lacking parental relationships of jor el/clark kent/superman (DC) and 
spider man (peter parker, marvel) archetypes for the demi-god status/origins of
pre-helenic heroes, or are they more reflective of the randomness of the
gods/families of primitive societies like 1500 BC asia minor and 1940s america?

In missive <5.1.0.14.2.20070517205046.0375a900 at boreas.isi.edu>, Bob Braden typed:

 >>This thread has contained an awful lot of silliness, ignorance, mythology,
 >>and polemic.  Let's move on to something more constructive.
 
 by the way i thought there actrually were several threads in there that were
also interesting, useful, and thoughtful, but they got drowned out:)

 cheers

   jon

More information about the end2end-interest mailing list