Re: [Fwd: [Saad] Some initiating thoughts...]
Erik Nordmark <Erik.Nordmark@sun.com> Thu, 23 October 2003 11:37 UTC
Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id HAA13829 for <saad-archive@odin.ietf.org>; Thu, 23 Oct 2003 07:37:31 -0400 (EDT)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1ACdm9-0002QW-QT for saad-archive@odin.ietf.org; Thu, 23 Oct 2003 07:37:10 -0400
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id h9NBb9eZ009328 for saad-archive@odin.ietf.org; Thu, 23 Oct 2003 07:37:09 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1ACdm8-0002Ps-4U for saad-web-archive@optimus.ietf.org; Thu, 23 Oct 2003 07:37:08 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id HAA13812 for <saad-web-archive@ietf.org>; Thu, 23 Oct 2003 07:36:59 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 1ACdm7-0005kw-00 for saad-web-archive@ietf.org; Thu, 23 Oct 2003 07:37:07 -0400
Received: from ietf.org ([132.151.1.19] helo=optimus.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 1ACdm7-0005kt-00 for saad-web-archive@ietf.org; Thu, 23 Oct 2003 07:37:07 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1ACdm3-0002O2-H0; Thu, 23 Oct 2003 07:37:03 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1ACdlx-0002MW-73 for saad@optimus.ietf.org; Thu, 23 Oct 2003 07:36:57 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id HAA13803 for <saad@ietf.org>; Thu, 23 Oct 2003 07:36:47 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 1ACdlw-0005kc-00 for saad@ietf.org; Thu, 23 Oct 2003 07:36:56 -0400
Received: from brmea-mail-3.sun.com ([192.18.98.34]) by ietf-mx with esmtp (Exim 4.12) id 1ACdlv-0005kZ-00 for saad@ietf.org; Thu, 23 Oct 2003 07:36:55 -0400
Received: from bebop.France.Sun.COM ([129.157.174.15]) by brmea-mail-3.sun.com (8.12.10/8.12.9) with ESMTP id h9NBan5u027009; Thu, 23 Oct 2003 05:36:50 -0600 (MDT)
Received: from lillen (lillen [129.157.212.23]) by bebop.France.Sun.COM (8.11.7+Sun/8.10.2/ENSMAIL,v2.2) with SMTP id h9NBamS27567; Thu, 23 Oct 2003 13:36:49 +0200 (MEST)
Date: Thu, 23 Oct 2003 13:36:46 +0200
From: Erik Nordmark <Erik.Nordmark@sun.com>
Reply-To: Erik Nordmark <Erik.Nordmark@sun.com>
Subject: Re: [Fwd: [Saad] Some initiating thoughts...]
To: James Kempf <kempf@docomolabs-usa.com>
Cc: Erik Nordmark <Erik.Nordmark@sun.com>, Leslie Daigle <leslie@thinkingcat.com>, saad@ietf.org, M.Handley@cs.ucl.ac.uk
In-Reply-To: "Your message with ID" <017a01c398e7$ff74d520$2a6015ac@dclkempt40>
Message-ID: <Roam.SIMC.2.0.6.1066909006.21069.nordmark@bebop.france>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; CHARSET="US-ASCII"
Sender: saad-admin@ietf.org
Errors-To: saad-admin@ietf.org
X-BeenThere: saad@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/saad>, <mailto:saad-request@ietf.org?subject=unsubscribe>
List-Id: Scope Addressing Architecture Discussion <saad.ietf.org>
List-Post: <mailto:saad@ietf.org>
List-Help: <mailto:saad-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/saad>, <mailto:saad-request@ietf.org?subject=subscribe>
> But much of the appeal for firewalls (and some people extend this to limited > scope addressing, but I'm not sure if the extension is really necessary) > lies in their ability to limit DoS attacks. DoS attacks are essentially > attacks on a network and I have some trouble seeing how end to end security > between two devices can limit a DoS attack. Maybe I am missing something, > however. Yep - end2end security isn't sufficient if you have a wide range of network bandwidth (and too some extent also CPU capacity to deal with network packets) across the network. Some approaches to deal with DoS is thus needed. I don't know if anybody is working on host-assisted approaches. I can imagine interesting approaches like hosts on slow links sending "priority lists" upstream (to specify the relative priority of packets - based on a class description - that are destined towards the host) as one way of being able to cope with DoS flooding attacks. Erik _______________________________________________ Saad mailing list Saad@ietf.org https://www1.ietf.org/mailman/listinfo/saad
- [Saad] Some initiating thoughts... Leslie Daigle
- [Fwd: [Saad] Some initiating thoughts...] Leslie Daigle
- RE: [Fwd: [Saad] Some initiating thoughts...] Michel Py
- Re: [Fwd: [Saad] Some initiating thoughts...] J. Noel Chiappa
- Re: [Fwd: [Saad] Some initiating thoughts...] Erik Nordmark
- Re: [Fwd: [Saad] Some initiating thoughts...] Melinda Shore
- Re: [Fwd: [Saad] Some initiating thoughts...] James Kempf
- Re: [Fwd: [Saad] Some initiating thoughts...] Erik Nordmark
- RE: [Fwd: [Saad] Some initiating thoughts...] Harrington, David
- Re: [Fwd: [Saad] Some initiating thoughts...] Melinda Shore
- RE: [Fwd: [Saad] Some initiating thoughts...] Erik Nordmark
- Re: [Fwd: [Saad] Some initiating thoughts...] Pekka Savola
- Re: [Fwd: [Saad] Some initiating thoughts...] Brian E Carpenter
- RE: [Fwd: [Saad] Some initiating thoughts...] Harrington, David
- Re: [Fwd: [Saad] Some initiating thoughts...] Brian E Carpenter