nanog mailing list archives
Re: ICMP Attacks???????
From: "Jay R. Ashworth" <jra () scfn thpl lib fl us>
Date: Thu, 21 Aug 1997 17:39:53 -0400
On Thu, Aug 21, 1997 at 03:26:50PM -0500, Jon Green wrote:
On Thu, 21 Aug 1997 13:18:34 -0700, fair () clock org writes:There is another mitigation: everyone here should commit to filtering customer packets at the customer premesis router (or at the dial in for PPP/SLIP) such that it is not possible for a customer to send a packet into the network that has an IP source address on it that is not assigned to that customer. That is, no more lying about source addresses.Every time I show a customer of mine how to configure a router, I try to educate them on this. We need some kind of massive marketing effort to get this out to people though. People would do it, but nobody knows about it.
Ok, here's a question: A router knows the network number and mask of each network to which it has an interface. Does it not make sense that the default thing for that router to do would be to trash incoming packets which carry a source address not on the network associated with that interface. Certainly, you'd have to tell the router to accept all comers (except locallly addressed packets) on the WAN interface, but you need to tell it which interface is the default route _anyway_, so that's trivial. And for people with multiple, routed networks behind a router, well, they could probably be assumed to be bright enough to enable additional net/masks for a given interface _anyway_, so that's not really a problem either. Someone tell me, from either a technical or marketing standpoint, why this idea is infeasible, no? Cheers, -- jra -- Jay R. Ashworth jra () baylink com Member of the Technical Staff Unsolicited Commercial Emailers Sued The Suncoast Freenet "People propose, science studies, technology Tampa Bay, Florida conforms." -- Dr. Don Norman +1 813 790 7592
Current thread:
- Re: ICMP Attacks???????, (continued)
- Re: ICMP Attacks??????? Michael Dillon (Aug 16)
- Re: ICMP Attacks??????? Danny McPherson (Aug 16)
- Re: ICMP Attacks??????? Vadim Antonov (Aug 17)
- Re: ICMP Attacks??????? Edward Henigin (Aug 18)
- RE: ICMP Attacks??????? Steve Carter (Aug 19)
- RE: ICMP Attacks??????? Erik E. Fair (Aug 21)
- Re: ICMP Attacks??????? Jon Green (Aug 21)
- Re: ICMP Attacks??????? Paul Ferguson (Aug 21)
- Re: ICMP Attacks??????? Jon Green (Aug 21)
- Message not available
- Re: ICMP Attacks??????? Jay R. Ashworth (Aug 21)
- RE: ICMP Attacks??????? Erik E. Fair (Aug 21)
- Message not available
- Re: ICMP Attacks??????? Jay R. Ashworth (Aug 21)
- Re: ICMP Attacks??????? Jon Green (Aug 21)
- Re: ICMP Attacks??????? Greg A. Woods (Aug 21)
- Re: ICMP Attacks??????? Jon Green (Aug 22)
- Re: ICMP Attacks??????? Greg A. Woods (Aug 22)
- Re: ICMP Attacks??????? Joe Rhett (Aug 22)
- Message not available
- Re: ICMP Attacks??????? Jay R. Ashworth (Aug 22)
- Re: ICMP Attacks??????? Josh Beck (Aug 21)
- Blocking spoofing at the source (was: ICMP Attacks??) Joe Rhett (Aug 22)
- Re: Blocking spoofing at the source (was: ICMP Attacks??) Josh Beck (Aug 22)
- Message not available
- Re: Blocking spoofing at the source (was: ICMP Attacks??) Jay R. Ashworth (Aug 22)