OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   RE: [xml-dev] Can A Web Site Be Reliably Defended Against DoS Attacks?

[ Lists Home | Date Index | Thread Index ]

Thanks Chris.  That is certainly interesting as well 
s the other research he is doing.  In discussing the 
DDoS challenge with engineers here, I hear similar 
proposals (that is, as much as I can determine from 
the short description of 'anycast') where a box 
at the perimeter shields the rest of the network. 
If he has a generalized solution, that sounds 
like a money maker.

I would think these issues would be of some concern 
to an industry obsessed with web services.  Currently, 
we keep them in the Intranet and are very careful to 
assess any kind of service that is on the Internet 
with regards to criticality.  We can do that.  I 
have to wonder about industries that have some 
wide-eyed vision of 'seamlessness' and 'just in time'. 
It seems like driving ahead of the headlights.


From: Chris Wilper [mailto:cwilper@cs.cornell.edu]

Maybe something on the horizon from Paul Francis (the NAT guy):

". . . The IP Internet was simply not designed to repel this kind of attack.
We are looking at an architecture for an anycast-based DDoS perimeter than
can be incrementally deployed at the edge of the network.  In this
architecture, IP anycast is used to force packets to travel through the
that constitute the perimeter, thus protecting servers from direct attack.
We believe that this architecture can be extended to provide DDoS protection
to all Internet users."


News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS