[unisog] DDoS IRC bots

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Fri Mar 7 15:19:12 GMT 2003


On Thu, 06 Mar 2003 21:32:01 PST, Peter Van Epp said:
> (www.oarcorp.com) is one possible answer I keep meaning to explore. A simple 
> OS that does nothing but read packets in from the interface and write the 
> packet (in tcpdump format for time stamps etc. but with no interpretation or 
> context/ memory space switches (and thus no copys) to a file system (or raw
> disk if needed for performance which it might be) would be a thing of beauty.

That *would* be pretty slick.. ;)
 
> You of course then run headlong in to disk performance issues, but throwing 
> money at it (probably in the form of a raid like parallel disk farm) should 
> cure that. One day in the far future when there is time :-).

Every 4-6 months, somebody will come on the NANOG list and ask why a Cisco
router costs $moby when the CPU isn't anywhere near as fast as the average
desktop machine, and why you couldn't make a cheaper router using an x86 and
a few PCI network cards.  Hilarity ensues, and somebody gets to explain
to the newbie that the bits have to come in and go out over the PCI bus,
and invite them to do the calculation of 2xgigE and compare it to the
maximum bandwidth of the PCI, and ask what component will hit starvation
first, the inbound interface, the outbound (disk in this case), or CPU...
-- 
				Valdis Kletnieks
				Computer Systems Senior Engineer
				Virginia Tech

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/unisog/attachments/20030307/a16c3ee4/attachment-0006.bin


More information about the unisog mailing list