North American Network Operators Group

Re: router worms and International Infrastructure

  • From: Pekka Savola
  • Date: Wed Sep 21 05:54:29 2005

On Tue, 20 Sep 2005 [email protected] wrote:
> On Tue, 20 Sep 2005 08:44:33 +0200, Gadi Evron said:
>
>> Whatever gets done and re-done is local, whether by ISP or country and
>> there is almost nothing getting done to treat this as a global, macro
>> problem, and actually put in measures to combat it.
>
> RFC2827 came out in May 2000.
>
> Based on its deployment history, where providers just have to act locally,
> I suspect that a requirement that providers act globally will result in either:

Well.. it could be worse; according to the results at http://spoofer.csail.mit.edu/, at least by some metrics, about 2/3 or 3/4 of networks are unspoofable. That's already a pretty good improvement..

FWIW, here in Finland the regulatory body is mandating a certain amount of spoofing prevention and other things. Transit providers (to whatever definition of 'transit') could maybe also be a bit more strict on what they accept from downstream..

Btw. Juniper's Feasible Path uRPF (mentioned in RFC3704) is your friend, even on multihomed/asymmetric links.

--
Pekka Savola, Netcore Oy: Systems. Networks. Security.
"You each name yourselves king, yet the kingdom bleeds." -- George R.R. Martin: A Clash of Kings
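
The message above points to Feasible Path uRPF (RFC3704) for multihomed/asymmetric links. The sketch below is an added example, not part of the original message and not any vendor's code; it compares a strict reverse-path check with a feasible-path check on a constructed routing table, and every prefix and interface name in it is an assumption.

```python
import ipaddress

# Constructed RIB: all interfaces a prefix was learned on, best path first.
# 192.0.2.0/24 is a multihomed customer: best path via ge-0/0/1, backup via ge-0/0/2.
RIB = {
    "192.0.2.0/24": ["ge-0/0/1", "ge-0/0/2"],
    "198.51.100.0/24": ["ge-0/0/3"],
}

def lookup(src):
    """Longest-prefix match on the source; returns its interfaces or []."""
    addr = ipaddress.ip_address(src)
    nets = [ipaddress.ip_network(p) for p in RIB]
    hits = [n for n in nets if addr in n]
    if not hits:
        return []
    return RIB[str(max(hits, key=lambda n: n.prefixlen))]

def strict_urpf(src, in_if):
    """Accept only if the packet arrived on the best path back to its source."""
    paths = lookup(src)
    return bool(paths) and paths[0] == in_if

def feasible_urpf(src, in_if):
    """Accept if the packet arrived on any known path back to its source."""
    return in_if in lookup(src)

def evaluate(packets):
    """Return (src, in_if, strict_verdict, feasible_verdict) per packet."""
    return [(s, i, strict_urpf(s, i), feasible_urpf(s, i)) for s, i in packets]

# Constructed traffic samples.
SAMPLES = [
    ("192.0.2.10", "ge-0/0/1"),    # customer traffic on the best path
    ("192.0.2.10", "ge-0/0/2"),    # same customer, asymmetric return via backup link
    ("198.51.100.7", "ge-0/0/1"),  # source belongs to a prefix behind another interface
    ("203.0.113.5", "ge-0/0/2"),   # source with no route at all
]

if __name__ == "__main__":
    for src, in_if, strict, feasible in evaluate(SAMPLES):
        print(f"{src:14} {in_if:9} strict={'pass' if strict else 'drop'} "
              f"feasible={'pass' if feasible else 'drop'}")
```

The second sample is the multihomed case: the strict check drops legitimate traffic arriving on the backup link, while the feasible-path check accepts it and still drops the two spoofed sources.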