smurf, the MCI-developed tracing tools (was Re: Bogus announcement)

• Previous message (by thread): smurf, the MCI-developed tracing tools (was Re: Bogus announcement)
• Next message (by thread): smurf, the MCI-developed tracing tools (was Re: Bogus announcement)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

At 12:05 PM 12/28/97 -0600, Karl Denninger wrote:

>
>You don't want to filter ICMPs.  What you want to filter is ANYTHING which
>came from an invalid source address *at your entrance* from your customer
>connections.
>

This is documented in:


 Network Ingress Filtering: Defeating Denial of Service Attacks
  which employ IP Source Address Spoofing;
 draft-ferguson-ingress-filtering-03.txt

At the moment, we're trying to get this evntually published as
an Informational RFC.

More information can be found at:

 ftp://ftp.cert.org/pub/cert_advisories/CA-97.28.Teardrop_Land

- paul

• Previous message (by thread): smurf, the MCI-developed tracing tools (was Re: Bogus announcement)
• Next message (by thread): smurf, the MCI-developed tracing tools (was Re: Bogus announcement)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]