North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Network Operators and smurf

  • From: Al Reuben
  • Date: Sat Apr 25 12:34:48 1998

> This should (naturally) be implemented where routing is symmetric
> and where a "reverse-path check" (looking up the source address in
> the routing table to find the "expected" incoming interface and
> checking whether the packet did indeed enter through that interface)

The big question is, what do you do if most of your traffic _is_
asymetrical? I mean, a more basic check could be, "Does the network that
this packet was sourced from exist *at all*?", or "Do I have a route back
to the source network through *any* interface?"

That would cut down on a good amount of spoofing, like the idiots who
spoof from etc.