- From: Willy Tarreau <w@1wt.eu>
- Date: Tue, 10 Aug 2021 15:53:59 +0200
- To: Erik Aronesty <erik@q32.com>
- Cc: Paul Vixie <paul@redbarn.org>, HTTP Working Group <ietf-http-wg@w3.org>
On Tue, Aug 10, 2021 at 06:37:50AM -0700, Erik Aronesty wrote:
> In my study a proof of work vastly improved resilience to a ddos with a
> large number of seemingly valid handshake initializations

If you have a few clients which are forced to perform a lot of handshakes
each, sure. If you have 11M clients doing a single handshake each, as Paul
suggested, you still have to perform 11M handshakes once they validate the
challenge.

That's why I said that when facing a large swarm of attackers which is
large enough to hurt you with a non-repetitive action, all you can do is
try to classify them based on their characteristics (e.g. signature). And
it's not easy at all. Sometimes even having to just handle the TCP
connection can be challenging.

Willy
Received on Tuesday, 10 August 2021 13:54:17 UTC