ICMP Attacks???????
Alex Przekupowski
oop at idt.net
Fri Aug 22 18:21:12 UTC 1997
Maybe it should be a pre-defined filter that the manufactures include in
the basic software configuration. If we put some pressure on
Cisco/Bay/Ascend/Livingston etc....... maybe we can get it done there, so
that we don't have to educate new people.
Alex P
On Thu, 21 Aug 1997, Jon Green wrote:
> On Thu, 21 Aug 1997 13:18:34 -0700, fair at clock.org writes:
> >
> >There is another mitigation: everyone here should commit to filtering
> >customer packets at the customer premesis router (or at the dial in for
> >PPP/SLIP) such that it is not possible for a customer to send a packet into
> >the network that has an IP source address on it that is not assigned to
> >that customer. That is, no more lying about source addresses.
>
> Every time I show a customer of mine how to configure a router, I
> try to educate them on this. We need some kind of massive marketing
> effort to get this out to people though. People would do it, but nobody
> knows about it.
>
> Maybe we should get CyberPromo to spam all the technical contacts
> in Internic's database to tell them how to do filtering. :)
>
> -Jon
>
> -----------------------------------------------------------------
> * Jon Green * "Life's a dance *
> * jcgreen at netINS.net * you learn as you go" *
> * Finger for Geek Code/PGP * *
> * #include "std_disclaimer.h" * http://www.netins.net/showcase/jcgreen *
> -------------------------------------------------------------------------
>
More information about the NANOG
mailing list