North American Network Operators Group
Re: Network Operators and smurf
> This should (naturally) be implemented where routing is symmetric
> and where a "reverse-path check" (looking up the source address in
> the routing table to find the "expected" incoming interface and
> checking whether the packet did indeed enter through that interface)

The big question is, what do you do if most of your traffic _is_ asymmetrical? I mean, a more basic check could be, "Does the network that this packet was sourced from exist *at all*?", or "Do I have a route back to the source network through *any* interface?" That would cut down on a good amount of spoofing, like the idiots who spoof from 126.96.36.199 etc.
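
Added example, not part of the original message: the strict reverse-path check from the quoted text next to the looser "any route back" check proposed in the reply, run over a constructed routing table. The prefixes, interface names and the `allow_default` switch are assumptions made for illustration.

```python
import ipaddress

# Constructed routing table (documentation prefixes): prefix -> interface
# the router would use to send traffic *toward* that prefix.
ROUTES = {
    "192.0.2.0/24": "eth0",
    "198.51.100.0/24": "eth1",
    "198.51.100.128/25": "eth2",
}

def best_route(src, routes, allow_default=False):
    """Longest-prefix match on the source address; interface name or None."""
    addr = ipaddress.ip_address(src)
    best = None
    for prefix, iface in routes.items():
        net = ipaddress.ip_network(prefix)
        # A default route matches every source, so by default it does not
        # count as evidence that the source network exists.
        if net.prefixlen == 0 and not allow_default:
            continue
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best[1] if best else None

def strict_rpf(src, in_iface, routes, allow_default=False):
    """Quoted check: packet must arrive on the interface that leads back to src."""
    return best_route(src, routes, allow_default) == in_iface

def loose_rpf(src, routes, allow_default=False):
    """Reply's check: accept if a route back to src exists through any interface."""
    return best_route(src, routes, allow_default) is not None

def verdicts(src, in_iface, routes, allow_default=False):
    """Return (strict, loose) accept decisions for one packet."""
    return (strict_rpf(src, in_iface, routes, allow_default),
            loose_rpf(src, routes, allow_default))

if __name__ == "__main__":
    packets = [
        ("192.0.2.10", "eth0"),   # symmetric path
        ("192.0.2.10", "eth1"),   # legitimate but asymmetric return path
        ("203.0.113.5", "eth1"),  # source network not in the table at all
    ]
    for src, iface in packets:
        strict, loose = verdicts(src, iface, ROUTES)
        print(f"{src:15} in={iface} strict={strict} loose={loose}")
```

The loose check keeps asymmetric traffic flowing but only rejects sources with no route at all, and it rejects nothing once a default route is allowed to satisfy the lookup.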