|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Is there a line of defense against Distributed Reflective attacks?
According to hc <[email protected]> > Of course, egress filters don't > solve the issue. But considering most script kiddies' intelligence level > is limited, it will help at least a bit. :-) The problem with egress > filtering is that it's mostly applicable at the end tier2+ level, not at > the backbones, which means a lot of ISP's who are oblivious on what it > is (or some cases where egress filter breaks their network setup). On the subject of "help a bit", if service providers were to require, by default, either an egress filter (correctly configured) on the CPE router or an ingress filter on their own customer aggregation router it might do some good ... Cheers. -travis > > -hc >
|