|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: On the back of other 'security' posts....
On Sun, Aug 31, 2003 at 02:34:28PM -0700, [email protected] said: [snip] > What you are saying works only so long as none of your edge connections > represent a significant portion of the internet. How do you anti-spoof, > for example, a peering link with SPRINT or UUNET? It's not realistic > to think that you know which addresses could or could not legitimately > come from them. another poster wrote that the spoofed traffic he was seeing was coming from 0.0.0.4 - 40.0.0.0 in .4 increments ... simple bogon filtering would get rid of a good chunk of that space. Granted, it's a small subset of anti-spoof filtering, but there are still networks out there that don't even make _that_ best effort. If folks would simply make the best effort they could, given their situation, the Internet as a whole would be a dramatically nicer place. That best effort will vary greatly by situation, but even a partial attempt is better than none at all. -- Scott Francis || darkuncle (at) darkuncle (dot) net illum oportet crescere me autem minui Attachment:
pgp00002.pgp |