SYN spoofing
bryan s. blank
bryan at supernet.net
Wed Jul 28 15:54:03 UTC 1999
% ip verify unicast reverse-path
%
% and according to Paul Ferguson (co-author of RFC 2267) it's in use by
% many ISPs. Apparently this is very-low overhead. Paul has also indicated
% the use of extended access lists on Cisco routers is very low overhead,
% especially on routers using distributed express forwarding.
while i hate to question mr. ferguson, it's my understanding
that many isps have found this feature to be unusable due to
network design.
-----------------------------------------------------------------------------
bryan s. blank bryan at supernet.net
(443)394-9529 tele
(410)995-2191 page
(410)802-6998 emer
More information about the NANOG
mailing list