North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Smurfing
> See RFC2267. > > - paul > > > > Good news. > > > > One more question (just is there is someone from the CISCO) - what's > > about source-address filtering at default for the access servers/routers? > > Note all this problems (SMURF, DENIAL-ATTACK, DNS-FRAUDING, etc etc) can > > be 100% blocked if ISP would not allow it's customers to send IP packets > > with the wrong SRC address. If not, they (hackers) should found new, new > > and new tricks to fraud any IP network. > > > You can apply the RPF idiom from multicast to block unicast flooding. This would instantly solve the problem, though I am not sure what overhead the path evaluation would incur. BR [email protected]
|