Advisory - tunneling of IP at exchange points.

• Previous message (by thread): Advisory - tunneling of IP at exchange points.
• Next message (by thread): Advisory - tunneling of IP at exchange points.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

	Maybe I'm missing something, but couldn't you block this with routing
as well?  The attack seems to be based on the fact that your NAP routers have 
routes to other NAP LANs.

	Let's say you connect to just MAE-E and MAE-W.  At MAE-E, add a route
for the MAE-W network to null0.  Do the opposite at MAE-W.  While this may
not 
work for everyone, is should work for the majority.  It may also be more
pleasant then adding filters to a high speed interface.

Jeff Swinton

At 03:53 PM 11/25/97 +0000, Neil J. McRae wrote:
>On Tue, 25 Nov 1997 14:47:22 +0000 (GMT) 
> Paul Thornton <prt at linx.net> wrote:
>
>> 
>> The LINX and several of its members have recently had to take action
>> against an ISP that was using GRE tunneling between exchange points
>> to appropriate the capacity of other ISPs.
>> 
>
>Hmm unfortuntely for us GRF owners it seems that filterd cannot deal
>with filter this. Joy! I wonder how many months for a fix!?
>
>Neil.
>--
>Neil J. McRae. Alive and Kicking.       Domino: In the glow of the night.
>neil at DOMINO.ORG        NetBSD/sparc: 100% SpF (Solaris protection Factor) 
>  Free the daemon in your <A HREF="http://www.NetBSD.ORG/">computer!</A>
>
>
>

• Previous message (by thread): Advisory - tunneling of IP at exchange points.
• Next message (by thread): Advisory - tunneling of IP at exchange points.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]