North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: BCP38 dismissal

  • From: Gadi Evron
  • Date: Thu Sep 04 17:51:10 2008
On Thu, 4 Sep 2008, Patrick W. Gilmore wrote:
On Sep 4, 2008, at 3:38 PM, Gadi Evron wrote:
On Thu, 4 Sep 2008, Jo Rhett wrote:
On Sep 4, 2008, at 7:24 AM, James Jun wrote:
Indeed... In today's internet, protecting your own box (cp-policer/ control
plane filtering) is far more important IMO than implementing BCP38 when much
of attack traffic comes from legitimate IP sources anyway (see botnets).


I'm sorry, but nonsense statements such as these burn the blood. Sure, yes, protecting yourself is so much more important than protecting anyone else.

Anyone else want to stand up and join the "I am an asshole" club? 

"I'm an a??hole!" :o)
(lotsa folks get corporate "bad words" filters, here).

Seriously though, everyone should take care of their own end first. The problem is Jo doesn't seem to be in the loopon attacks from recent years, but I am unsure he would change his mind if he was/

Gadi,

Do you really want to suggest to people that they not implement BCP38?

No. Thank you for calling me on not explaining well.

I suggest that the guy is right. People should tajke care of their security first before going out and shouting at the world. That said, I also state that he is probably not in touch with what's been going on in the past few years.

Meaning, botnets *do* use spoofing, and DNS amplification attacks. The threat is not "theoretical" for a few years now and he may simply not be in on it.

As to preaching BCP38, well... it's not an easy leap of thought to make, that your security is tied into the state of security of a box sitting half-way around the world. But that's the case.

Gadi.

--
TTFN,
patrick