North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: ICMP Attacks???????
Maybe it should be a pre-defined filter that the manufactures include in the basic software configuration. If we put some pressure on Cisco/Bay/Ascend/Livingston etc....... maybe we can get it done there, so that we don't have to educate new people. Alex P On Thu, 21 Aug 1997, Jon Green wrote: > On Thu, 21 Aug 1997 13:18:34 -0700, [email protected] writes: > > > >There is another mitigation: everyone here should commit to filtering > >customer packets at the customer premesis router (or at the dial in for > >PPP/SLIP) such that it is not possible for a customer to send a packet into > >the network that has an IP source address on it that is not assigned to > >that customer. That is, no more lying about source addresses. > > Every time I show a customer of mine how to configure a router, I > try to educate them on this. We need some kind of massive marketing > effort to get this out to people though. People would do it, but nobody > knows about it. > > Maybe we should get CyberPromo to spam all the technical contacts > in Internic's database to tell them how to do filtering. :) > > -Jon > > ----------------------------------------------------------------- > * Jon Green * "Life's a dance * > * [email protected] * you learn as you go" * > * Finger for Geek Code/PGP * * > * #include "std_disclaimer.h" * http://www.netins.net/showcase/jcgreen * > ------------------------------------------------------------------------- >
|