Blocking spoofing at the source (was: ICMP Attacks??)

• Previous message (by thread): Blocking spoofing at the source (was: ICMP Attacks??)
• Next message (by thread): ICMP Attacks???????
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Robert Sanders <rsanders at mindspring.net> writes:

> I plan to deploy anti-spoofing filters throughout our access network
> before the end of September.  Is anybody else running or planning to
> implement similar filters?

We've been doing this (also with USR total control hardware) since we
first started handling large scale dialup IP a bit over a year ago.

Before USR had the dynamic filters, we just preloaded per-customer
filters into each box and referenced it with a normal filter id.
While we couldn't make the filters specific to the user, they did
restrict traffic to the source address block from which all dynamic
addresses were assigned, so even if they spoofed, it would still track
back to a block that ANS was identified with, and we could work
backwards through our call records to try to track it down.

-- David

/-----------------------------------------------------------------------\
 \              David Bolen             \  Internet: db3l at ans.net      /
  |       ANS Communications, Inc.        \   Phone: (914) 789-5327   |
 / 100 Clearbrook Road, Elmsford, NY 10523  \   Fax: (914) 789-5310    \
\-----------------------------------------------------------------------/

• Previous message (by thread): Blocking spoofing at the source (was: ICMP Attacks??)
• Next message (by thread): ICMP Attacks???????
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]