no ip forged-source-address

• Previous message (by thread): no ip forged-source-address
• Next message (by thread): no ip forged-source-address
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Oct 30, 2002 at 03:34:40PM -0600, Craig A. Huegen wrote:
> 
> On Wed, Oct 30, 2002 at 09:26:30PM +0200, Hank Nussbacher wrote:
> 
> ==>Traceback would get me instantly back to the offending subnet but then it
> ==>would take a bit of digging on the network admin to track me down and
> ==>applying RPF checking won't help.
> 
> I think the issue we need to tackle is ensuring that packets originate,
> at minimum, from the organization who holds the address space in the
> source address.

	And i wish all telemarketers generated caller-id.  But the
lack of it doesn't mean i won't answer the phone.

> I'm happy getting it down to the organizational level (note that in a
> larger enterprise organization it may not even be to subnet level).  At
> least then we have an accountable party.

	Exactly.  This isn't in attempt to stop all DoS attacks, just
help validate that when someone is attacking from the ip of www.example.com,
there will be a good chance that www.example.com is 0wned.

	- jared

-- 
Jared Mauch  | pgp key available via finger from jared at puck.nether.net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.

• Previous message (by thread): no ip forged-source-address
• Next message (by thread): no ip forged-source-address
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]