nanog mailing list archives
Re: BCP38 [Was: Re: TWC (AS11351) blocking all NTP?]
From: Cb B <cb.list6 () gmail com>
Date: Mon, 3 Feb 2014 17:50:11 -0800
On Feb 3, 2014 10:23 AM, "Paul Ferguson" <fergdawgster () mykolab com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2/2/2014 2:17 PM, Cb B wrote:And, i agree bcp38 would help but that was published 14 years ago.But what? Are you somehow implying that because BCP38 was "...published 14 years ago" (RFC2267 was initially published in 1998, and it was subsequently replaced by RFC2827)? I hope not, because BCP38 filtering would still help stop spoofed traffic now perpetuating these attacks, 14 years after BCP38 was published, because spoofing is at the root of this problem (reflection/amplification attacks). This horse is not dead, and still deserves a lot of kicking. $.02, - - ferg (co-author of BCP38)
I completely agree. My sphere of influence is bcp38 compliant. And, networks that fail to support some form of bcp38 are nothing short of negligent. That said, i spend too much time taking defensive action against ipv4 amp udp attacks. And wishing others would deploy bcp38 does not solve today's ddos attacks. CB
- -- Paul Ferguson VP Threat Intelligence, IID PGP Public Key ID: 0x54DC85B2 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iF4EAREIAAYFAlLv3ocACgkQKJasdVTchbLhowEAuO9DSQiRswVeqpHSccHo060h cqmIB8XlaNkzEPQw1w0A/0G6cjvtWBiJfwWbWoTY7X3RRMHeN36RkYR+2TonyNBi =W2wU -----END PGP SIGNATURE-----
Current thread:
- Re: TWC (AS11351) blocking all NTP?, (continued)
- Re: TWC (AS11351) blocking all NTP? Peter Phaal (Feb 03)
- Re: TWC (AS11351) blocking all NTP? Christopher Morrow (Feb 03)
- Re: TWC (AS11351) blocking all NTP? Laszlo Hanyecz (Feb 04)
- Re: TWC (AS11351) blocking all NTP? William Herrin (Feb 04)
- Re: TWC (AS11351) blocking all NTP? Christopher Morrow (Feb 04)
- Re: TWC (AS11351) blocking all NTP? Laszlo Hanyecz (Feb 04)
- Re: TWC (AS11351) blocking all NTP? William Herrin (Feb 04)
- Re: TWC (AS11351) blocking all NTP? Dobbins, Roland (Feb 03)
- Re: TWC (AS11351) blocking all NTP? Stephane Bortzmeyer (Feb 03)
- BCP38 [Was: Re: TWC (AS11351) blocking all NTP?] Paul Ferguson (Feb 03)
- Re: BCP38 [Was: Re: TWC (AS11351) blocking all NTP?] Cb B (Feb 03)
- Re: BCP38 [Was: Re: TWC (AS11351) blocking all NTP?] Jay Ashworth (Feb 03)
- Re: BCP38 [Was: Re: TWC (AS11351) blocking all NTP?] jamie rishaw (Feb 06)
- Re: TWC (AS11351) blocking all NTP? William Herrin (Feb 04)
- Re: TWC (AS11351) blocking all NTP? Jared Mauch (Feb 04)
- Re: TWC (AS11351) blocking all NTP? William Herrin (Feb 04)
- Re: TWC (AS11351) blocking all NTP? Jared Mauch (Feb 04)
- BCP38 [Was: Re: TWC (AS11351) blocking all NTP?] Paul Ferguson (Feb 04)
- Re: BCP38 [Was: Re: TWC (AS11351) blocking all NTP?] Valdis . Kletnieks (Feb 04)
- Re: BCP38 [Was: Re: TWC (AS11351) blocking all NTP?] Paul Ferguson (Feb 04)
- Why won't providers source-filter attacks? Simple. Jay Ashworth (Feb 04)