nanog mailing list archives
Re: Source address validation (was Re: UUNet Offer New Protection
From: "E.B. Dreger" <eddy+public+spam () noc everquick net>
Date: Mon, 8 Mar 2004 01:22:00 +0000 (GMT)
SD> Date: Sun, 7 Mar 2004 17:47:09 -0500 (EST) SD> From: Sean Donelan SD> In practice, GWF's ... send reports about packets which have SD> our IP addresses, but didn't originate here. The last thing Probably because someone else failed to implement SAV. If $origin_net prevented spoofing your IP space, you'd not have had the problem. If other networks prevented spoofed sources, nobody else could source a packet from your address space. In this case, a packet apparently sourced from you network definitely would have come from your network. Therefore you'd no longer need to check to see if a packet was spoofed. Notice how AS_PATHs and netblock announcements tend to get filter. Why? SD> you want to admit is you do SAV because GWF think SAV means SD> every packet with that source address must have originated SD> here. Uh, no... a spoofed packet from someone else's network means you had no control over it. That's pretty obvious. Eddy -- EverQuick Internet - http://www.everquick.net/ A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/ Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 785 865 5885 Lawrence and [inter]national Phone: +1 316 794 8922 Wichita _________________________________________________________________ DO NOT send mail to the following addresses : blacklist () brics com -or- alfra () intc net -or- curbjmp () intc net Sending mail to spambait addresses is a great way to get blocked.
Current thread:
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS), (continued)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Paul Vixie (Mar 06)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Stephen J. Wilcox (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Christopher L. Morrow (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Avleen Vig (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Stephen J. Wilcox (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Christopher L. Morrow (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) E.B. Dreger (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Sean Donelan (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Paul Vixie (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Sean Donelan (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection E.B. Dreger (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) E.B. Dreger (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Christopher L. Morrow (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) E.B. Dreger (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Steve Francis (Mar 08)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Sean Donelan (Mar 08)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Steve Francis (Mar 08)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Sean Donelan (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Laurence F. Sheldon, Jr. (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Dan Hollis (Mar 07)
- Re: Source address validation (was Re: UUNet Offer New Protection Paul Vixie (Mar 07)