North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: ACLs / Filter Lists - Best Practices
On Fri, Nov 30, 2001 at 01:39:24AM -0500, Tim Irwin wrote: > > - <rant>RFC 1918 filtering is no silver bullet. Yes, it should be done, but > all a malicious person needs in order to be able to launch an effective DDoS > attack is to source from unassigned address space or address space that is > known to be unused.</rant> And that's why we all need to employ things like CEF reverse path verification at our customer edge. -- Andreas Plesner Jacobsen | There's a lot to be said for not saying a lot.
|