TELECOM Digest OnLine - Sorted: Re: Antispam Firm Blue Security Says Was Victim of Attack

Re: Antispam Firm Blue Security Says Was Victim of Attack

Barry Margolin (barmar@alum.mit.edu)
Thu, 18 May 2006 22:21:27 -0400

In article <telecom25.189.9@telecom-digest.org>, shrike@cyberspace.org
wrote:

>>> With black-holing, an ISP essentially removes the advertised path to a
>>> particular Web site or IP address -- making it completely inaccessible to
>>> the outside world.

> This is completely incorrect. Black-holing is the process of
> announcing a more specific route for the host pointing it at a null0
> interface.

Doesn't that "make it completely inaccessible to the outside world"?

> In effect they superceded the DOS, and at that moment
> became the progenitor of a larger scale DOS against Blue
> Security. Been there, done that, many times. They mitgated bad
> traffic, but also denied good traffic.

But by blackholing the host's IP, they stopped saturating the
connection to the site. This allows all the other systems at the same
site to use the Internet. So they reduced an attack that was
affecting all the systems that shared the link to one that just
impacted a single host.

Blue Security was already effectively unusable, so it couldn't really
get much worse for them. But they made it better for everyone else in
the same data center.

Barry Margolin, barmar@alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***

Post Followup Article Use your browser's quoting feature to quote article into reply
Go to Next message: Associated Press News Wire: "Ex-Head of Cass Tel in Missouri Gets Prison Term"
Go to Previous message: DavidK: "Analog PBX Extender for Home Based Worker"
May be in reply to: Jaikumar Vijaya: "Antispam Firm Blue Security Says Was Victim of Attack"
TELECOM Digest: Home Page