North American Network Operators Group

Re: no ip forged-source-address

  • From: Sean Donelan
  • Date: Thu Oct 31 02:22:41 2002

On Thu, 31 Oct 2002, Christopher L. Morrow wrote:
> I think the spoofed source filtering is more a red-herring than anything
> else. It's not the fix for anything related to this problem of attacks on
> the internet. Spoofed or non, I can forward 1,000,000pps at your network and
> it will die (most times).

I agree, but

> This is like trying to fix a rotten decayed tooth with trident.

Wouldn't you rather the dentist know which tooth to drill, instead of
randomly drilling all of your teeth hoping to get the cavity?

I can pretty much predict, after source address validation becomes
widely used someone will come up with the idea of blackholing attacking
hosts. Of course, since many of these systems use DHCP, the zombies will
just release and get new addresses.