nanog mailing list archives
Re: SYN spoofing
From: Deepak Jain <deepak () ai net>
Date: Wed, 28 Jul 1999 14:05:14 -0400 (EDT)
While it is easy, it is not always practical because you often have customers who advertise thousands of prefixes. Or, in the simpler case, if you transit 500,000 pps on a single outbound link/router, it becomes very expensive to do per packet filtering outbound. At our ingress points, for example, (from peers and customers) we do filter bogus traffic so we in turn, do not pass undesirable traffic on. At ingress points where you are only seeing 150,000 pps its not so bad doing per packet filtering. Just an opinion, Deepak Jain AiNET On Wed, 28 Jul 1999, Joe Shaw wrote:
Any provider who allows the passing of address space that isn't his own (beyond whatever transit they may provide to their peers) is shameful. How hard is it really to put a filter on your outbound links that says drop all ip traffic heading out these links that isn't from my IP space? It's just like martian filters for your inbound links, and we'd see a significant decrease in spoofing based attacks if it was more widely adopted. Not to mention it'll keep peers from dumping traffic on you. -- Joseph W. Shaw - jshaw () insync net Freelance Computer Security Consultant and Perl Programmer Free UNIX advocate - "I hack, therefore I am." On Wed, 28 Jul 1999, John Fraizer wrote:Perhaps if you were to NAME these networks, they may be shamed into doing something about the problem. Then again, they should be ashamed to begin with for passing RFC1918 traffic, let alone loopback space.
Current thread:
- SYN spoofing bandregg (Jul 26)
- Re: SYN spoofing Dan Hollis (Jul 26)
- Re: SYN spoofing John Fraizer (Jul 28)
- Re: SYN spoofing Joe Shaw (Jul 28)
- Re: SYN spoofing Daniel Senie (Jul 28)
- Re: SYN spoofing Greg A. Woods (Jul 28)
- Re: SYN spoofing Vijay Gill (Jul 28)
- Re: SYN spoofing Wayne Bouchard (Jul 28)
- Re: SYN spoofing Daniel Senie (Jul 28)
- Re: SYN spoofing John Fraizer (Jul 28)
- Re: SYN spoofing Dan Hollis (Jul 26)
- Re: SYN spoofing Forrest W. Christian (Jul 28)
- Re: SYN spoofing Deepak Jain (Jul 28)
- Re: SYN spoofing Dan Hollis (Jul 28)
- Re: SYN spoofing batz (Jul 28)
- Re: SYN spoofing Dan Hollis (Jul 28)
- Re: SYN spoofing Jeremy Porter (Jul 28)
- Re: SYN spoofing Dan Hollis (Jul 28)
- Re: SYN spoofing Jeremy Porter (Jul 28)
- Re: SYN spoofing Dan Hollis (Jul 28)
- Re: SYN spoofing John Fraizer (Jul 30)
- <Possible follow-ups>
- Re: SYN spoofing Deepak Jain (Jul 28)