nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: BCP38 [Was: Re: TWC (AS11351) blocking all NTP?]

From: Cb B <cb.list6 () gmail com>
Date: Mon, 3 Feb 2014 17:50:11 -0800
On Feb 3, 2014 10:23 AM, "Paul Ferguson" <fergdawgster () mykolab com> wrote:


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 2/2/2014 2:17 PM, Cb B wrote:


And, i agree bcp38 would help but that was published 14 years ago.


But what? Are you somehow implying that because BCP38 was
"...published 14 years ago" (RFC2267 was initially published in 1998,
and it was subsequently replaced by RFC2827)?

I hope not, because  BCP38 filtering would still help stop spoofed
traffic now perpetuating these attacks, 14 years after BCP38 was
published, because spoofing is at the root of this problem
(reflection/amplification attacks).

This horse is not dead, and still deserves a lot of kicking.

$.02,

- - ferg (co-author of BCP38)



I completely agree.  My sphere of influence is bcp38 compliant.  And,
networks that fail to support some form of bcp38 are nothing short of
negligent.

That said, i spend too much time taking defensive action against ipv4 amp
udp attacks. And wishing others would deploy bcp38 does not solve today's
ddos attacks.

CB


- --
Paul Ferguson
VP Threat Intelligence, IID
PGP Public Key ID: 0x54DC85B2

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iF4EAREIAAYFAlLv3ocACgkQKJasdVTchbLhowEAuO9DSQiRswVeqpHSccHo060h
cqmIB8XlaNkzEPQw1w0A/0G6cjvtWBiJfwWbWoTY7X3RRMHeN36RkYR+2TonyNBi
=W2wU
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: