|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Source address validation (was Re: UUNet Offer New ProtectionAgainst DDoS)
On Sun, 7 Mar 2004, Stephen J. Wilcox wrote: > > > actually, it would. universal uRPF would stop some attacks, and it would > > remove a "plan B" option for some attack-flowcharts. i would *much* rather > > play defense without facing this latent weapon available to the offense. > > I'm agreeing here, okay (yet anoter) example.. smurf attacks. These seem to be > non-existent these days so shall we stop disabling 'ip directed-broadcast' on > our routers? smurf attacks are far from 'non-existent' today, however they are not as popular as in 1999-2000-2001. In fact netscan.org still shows almost 9k networks that are 'broken'.
|