North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: SYN spoofing

  • From: bryan s. blank
  • Date: Wed Jul 28 14:06:37 1999

% 	ip verify unicast reverse-path
% and according to Paul Ferguson (co-author of RFC 2267) it's in use by
% many ISPs. Apparently this is very-low overhead. Paul has also indicated
% the use of extended access lists on Cisco routers is very low overhead,
% especially on routers using distributed express forwarding.

	while i hate to question mr. ferguson, it's my understanding
	that many isps have found this feature to be unusable due to
	network design.

bryan s. blank                                             [email protected]
                                                           (443)394-9529 tele
                                                           (410)995-2191 page
							   (410)802-6998 emer