North American Network Operators Group


Source address validation (was Re: UUNet Offer New Protection Against DDoS)

  • From: Sean Donelan
  • Date: Sat Mar 06 18:41:39 2004

On Sat, 6 Mar 2004, Paul Vixie wrote:
> (and according to that text, it was a 9-year-old idea at that time.)
>
> it's now 2004.  how much longer do we want to have this problem?

Source address validation (or Cisco's term uRPF) is perhaps more widely
deployed than people realize.  It's not 100%, but what's interesting is
despite its use, it appears to have had very little impact on DDOS or
lots of other bad things.

Root and other DNS servers bear the brunt of misconfigured (not
necessarily malicious attack) devices.  So some people's point of
view may be different.  But relatively few DDOS attacks use spoofed
packets.  If more did, they would be easier to deal with.

After all these years, perhaps it's time to re-examine the assumptions.