North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Fwd: Protocol Action: Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing to BCP
FYI, - paul >To: IETF-Announce:; >Cc: RFC Editor <[email protected]> >Cc: Internet Architecture Board <[email protected]> >From: The IESG <[email protected]> >Subject: Protocol Action: Network Ingress Filtering: Defeating Denial > of Service Attacks which employ IP Source Address Spoofing to BCP >Date: Tue, 15 Feb 2000 09:23:37 -0500 >Sender: [email protected] > > > >The IESG has approved 'Network Ingress Filtering: Defeating Denial of >Service Attacks which employ IP Source Address Spoofing' <rfc2267> as a >Best Current Practice. > >The IESG Contact Persons are Randy Bush and Bert Wijnen. > > >Technical Summary > > This document describes recommended router configurations to reduce > likelihood of attacks over the network. It describes how an ISP customer > aggregation router should be configured to prevent a customer from sending > packets with source addresses from space other than their own. > >Working Group Summary > > This is not the product of a working group, but has been used in practice, > has passed general IETF last call twice, and is generally considered to be > good practice. > >Protocol Quality > > This was reviewed for the IESG by Randy Bush. > |