no ip forged-source-address
Petri Helenius
pete at he.iki.fi
Wed Oct 30 22:01:59 UTC 2002
> decides to attack, it would use some neighbor's IP. The subnet I am on is
> a /24 and there very well may be a few dozen hosts. I could be real
> sneaky and alter my IP randomly to be any of my neighbors for every packet
> I send out.
>
This gets a lot sneakier when you got your /64 on the subnet. Specially
if people start to build significantly larger subnets by default.
Pete
More information about the NANOG
mailing list