nanog mailing list archives
Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS)
From: "E.B. Dreger" <eddy+public+spam () noc everquick net>
Date: Sun, 7 Mar 2004 18:58:36 +0000 (GMT)
SD> Date: Sat, 6 Mar 2004 22:04:58 -0500 (EST) SD> From: Sean Donelan SD> Would you rather ISPs spend money to SD> 1. Deploying S-BGP? SD> 2. Deploying uRPF? SD> 3. Respond to incident reports? Let's look at the big picture instead of a taking a shallow mutex approach. If SAV were universal (ha ha ha!), one could discount spoofed traffic when analyzing flows. But, hey, why bother playing nice and helping other networks, eh? Am I the only one who's had IWFs -- even legitimate entities -- complain about packets "from your network" that weren't? It certainly would have been nice if $other_networks had used SAV. SAV doesn't take long to implement. Considering the time spent discounting spoofing when responding to incidents, I think there would be a _net_ savings (no pun intended) in time spent responding to incidents. Alas, that requires cooperation and doesn't provide instantaneous gratification. If it doesn't make/save a quick buck, why bother? Detection of sarcasm is left as an exercise to the reader. Eddy -- EverQuick Internet - http://www.everquick.net/ A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/ Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 785 865 5885 Lawrence and [inter]national Phone: +1 316 794 8922 Wichita _________________________________________________________________ DO NOT send mail to the following addresses : blacklist () brics com -or- alfra () intc net -or- curbjmp () intc net Sending mail to spambait addresses is a great way to get blocked.
Current thread:
- Re: Source address validation (was Re: UUNet Offer New Protection, (continued)
- Re: Source address validation (was Re: UUNet Offer New Protection Paul Vixie (Mar 06)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Sean Donelan (Mar 06)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Laurence F. Sheldon, Jr. (Mar 06)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Sean Donelan (Mar 06)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Paul Vixie (Mar 06)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Stephen J. Wilcox (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Christopher L. Morrow (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Avleen Vig (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Stephen J. Wilcox (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Christopher L. Morrow (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) E.B. Dreger (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Sean Donelan (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Paul Vixie (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Sean Donelan (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection E.B. Dreger (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) E.B. Dreger (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Christopher L. Morrow (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) E.B. Dreger (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Steve Francis (Mar 08)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Sean Donelan (Mar 08)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Steve Francis (Mar 08)