Re: BCP38 thread 93,871,738,435 + SPF

North American Network Operators Group

Re: BCP38 thread 93,871,738,435 + SPF

From: Douglas Otis
Date: Fri Oct 27 18:35:43 2006

On Oct 27, 2006, at 10:03 AM, Chris L. Morrow wrote:

On Fri, 27 Oct 2006 [email protected] wrote:
Or you could look at it as a weakness of SPF that should be used as a justification for discouraging its use. After all if we discourage botnets because they are DDoS enablers, shouldn't we discourage other DDoS enablers like SPF?

under this assumption we should discourage user use of the internet... :(
anyway, please let's get back to the original discussion :)

As Steve already pointed out, BCP38 is not a complete solution. Not only does SPF prevent the source of a Botnet attack from being detected, it also enables significantly greater amplification than might be achieved with a spoofed source DNS reflective attack. In addition, the Botnet resources are not wasted, as their spam is still being delivered. This aspect alone dangerously changes the costs related to such attacks. It seems wholly imprudent not to consider SPF in the same discussion.

-Doug

Follow-Ups:
- Re: BCP38 thread 93,871,738,435 + SPF Gadi Evron

References:
- Re: BCP38 thread 93,871,738,435 + SPF Michael.Dillon
- Re: BCP38 thread 93,871,738,435 + SPF Chris L. Morrow

Prev by Date: Re: register.com down sev0?
Next by Date: RE: register.com down sev0?
Date Index
Thread Index
Author Index
Historical