North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS)
> ... > buying screen doors for igloos may not be the best use of resources. uRPF > doesn't actually prevent any attacks. actually, it would. universal uRPF would stop some attacks, and it would remove a "plan B" option for some attack-flowcharts. i would *much* rather play defense without facing this latent weapon available to the offense. > Would you rather ISPs spend money to > 1. Deploying S-BGP? > 2. Deploying uRPF? > 3. Respond to incident reports? "yes." and i can remember being sick and tired of competing (on price, no less) against providers who couldn't/wouldn't do #2 or #3. i'm out of the isp business at the moment, but the "race to the bottom" mentality is still a pain in my hindquarters, both present and remembered.
|