| 摘要 |
A method for mitigating a Dos attack in a network is proposed, whereby
- a network element (clA) affected by the attack sends a notice of attack to a second network element (rA),
- the second network element transmits an ACL, said ACL containing instructions denying traffic from the source of the DoS to the the affected network element, to a further network element (rB, rC),
- the instructions of the ACL are implemented at the further network element,
- the further network element lies logically closer to the source of the DoS (clB, clC, clD) than the second network element.
|
