RootPrompt.org: Distributed Denial Of Service attacks. A proposal based on routing. | Linux Today

RootPrompt.org: Distributed Denial Of Service attacks. A proposal based on routing.

Written By
Web Webster
Web Webster
Apr 3, 2000

[ Thanks to Noel
for this link. ]

“This paper describes a technique that -hopefully- can be
used to defeat the recent DDOS attacks _in_real_time_. The solution
presented here is based on routing. It requires a certain amount of
extra network infrastructure.”

“In order to be ready to a massive DDOS attack, example.com
should change its network structure to something like:


                                 +--------------+

                      +----e-----+ stub network |

                      |          +--------------+

           +--------+ |

       -a--|        +-+          +---------------+

           |        |            |               |     +-----------------+

       -b--|  ISP   +-----d------+ example.com's +-----+ www.example.com |

           |        |            | border router |     +-----------------+

       -c--|        |            +---------------+     

           +--------+                                  10.0.0.2 and 10.0.1.2

                                                   10.0.0.1 and 10.0.1.1

        +---------------+

        | example.com's |

        | DNS server    |

        | where         |

        | www=10.0.0.2  |

        | and TTL=0     |

        +---------------+“

“In case a DDOS attack against example.com is detected, the
following actions should be carried on:
1- dial up connection to example.com’s externally located DNS
server (possible many of them in order to complicate DDOSing both
www and DNS servers) to make www.example.com point to 10.0.1.2.
2- phone call to ISP to route traffic to 10.0.0.x to the stub
network and start routing the 10.0.1 network. The ISP may also stop
publishing the route to 10.0.0. This probably has a cost on BGP
disaggregation and routing updates, but it may worth it, because as
the routing updates propagate the attack stops nearer its
source.”

Complete
Story

Web Webster

Web Webster

Web Webster has more than 20 years of writing and editorial experience in the tech sector. He’s written and edited news, demand generation, user-focused, and thought leadership content for business software solutions, consumer tech, and Linux Today, he edits and writes for a portfolio of tech industry news and analysis websites including webopedia.com, and DatabaseJournal.com.

Linux Today Logo

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.