Uh, because the packets come over the wire and your NIC has to handle them all 
regardless of HOW you handle them?

You can NOT solve a DoS attack through ANY use of firewalling or routing at the 
target end.
You MUST cut the attack off as close to the source as possible.

An attack like the one described here is simple enough to fend off because it's 
coming from a single source over a relatively low bandwidth pipe.
Your ISP should be able to block it at their border routers and the constant 
knocking shouldn't put any load on their equipment.
If it continues, and if they get around to it, they can then report the 
activity to their peering partners (other ISPs) to get them to block the 
traffic at their end.  If the behavior persists, this continues until 
eventually the source is cut off.

A distributed attack is much harder to cut off, because it has many sources.  A 
distributed attack can bring down major connections.



> From: dlin...@fragonline.net
> To: hlds@list.valvesoftware.com
> Date: Sun, 24 Jan 2010 13:43:57 -0600
> Subject: Re: [hlds] ST3Gaming.com using 100mbit connection to DoS rival servers
> 
> Why not just null route the source and enjoy the weekend?
                                          