no ip forged-source-address

Sean Donelan sean at donelan.com
Thu Oct 31 07:14:49 UTC 2002


On Thu, 31 Oct 2002, Christopher L. Morrow wrote:
> I think the spoofed source filtering is more a red-herring than anything
> else. Its not the fix for anything related to this problem of attacks on
> the internet. Spoofed or non, I can forward 1,000,000pps at your network and
> it will die (most times).

I agree, but

> This is like trying to fix a rotten decayed tooth with trident.

Wouldn't you rather the dentist know which tooth to drill, instead of
randomly drilling all of your teeth hoping to get the cavity?

I can pretty much predict, after source address validation becomes
widely used someone will come up with the idea of blackholing attacking
hosts. Of course, since many of these systems use DHCP, the zombies will
just release and get new addresses.
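What "source address validation" means mechanically, as an added illustration that is not part of the original post or of any vendor's implementation: a strict per-interface ingress check in the spirit of BCP 38, where a packet is accepted on a customer-facing interface only if its source lies inside a prefix assigned to that interface and is not an obvious bogon. The interface names, prefixes and sample packets below are constructed for the example. Note that it also shows the point made in the quoted text: packets from legitimate sources pass regardless of how many of them arrive, so the filter identifies the tooth, it does not stop the flood.

```python
import ipaddress

# Constructed example: the prefixes legitimately sourced behind each
# customer-facing interface (the ingress filter of BCP 38).
# Interface names and prefixes are hypothetical.
INGRESS_PREFIXES = {
    "ge-0/0/1": [ipaddress.ip_network("192.0.2.0/24")],
    "ge-0/0/2": [ipaddress.ip_network("198.51.100.0/24"),
                 ipaddress.ip_network("203.0.113.0/25")],
}

# Sources that should never appear on a customer-facing interface no matter
# what the prefix table says (a small, constructed bogon list).
BOGONS = [ipaddress.ip_network(p) for p in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/3",
)]


def source_is_valid(iface, src):
    """Strict ingress check: accept a packet arriving on `iface` only if its
    source address is not a bogon and falls inside a prefix assigned to
    that interface. Unknown interfaces have no prefixes, so nothing passes."""
    addr = ipaddress.ip_address(src)
    if any(addr in bogon for bogon in BOGONS):
        return False
    return any(addr in prefix for prefix in INGRESS_PREFIXES.get(iface, []))


def filter_packets(packets):
    """Apply the check to (iface, src, dst) tuples; return (accepted, dropped)."""
    accepted, dropped = [], []
    for pkt in packets:
        iface, src, _dst = pkt
        (accepted if source_is_valid(iface, src) else dropped).append(pkt)
    return accepted, dropped


# Constructed sample traffic: legitimate, spoofed, bogon and out-of-prefix sources.
SAMPLE = [
    ("ge-0/0/1", "192.0.2.10", "198.18.0.1"),     # legitimate for this port
    ("ge-0/0/1", "203.0.113.9", "198.18.0.1"),    # spoofed: prefix belongs to ge-0/0/2
    ("ge-0/0/2", "10.1.1.1", "198.18.0.1"),       # bogon source
    ("ge-0/0/2", "203.0.113.200", "198.18.0.1"),  # outside the assigned /25
    ("ge-0/0/2", "203.0.113.9", "198.18.0.1"),    # legitimate for this port
]

if __name__ == "__main__":
    ok, bad = filter_packets(SAMPLE)
    for p in ok:
        print("accept", p)
    for p in bad:
        print("drop  ", p)
```

Running it accepts the two packets whose sources belong to their ingress interface and drops the other three. A real deployment would build the prefix table from the customer assignments or the routing table (which is what strict unicast RPF does) rather than hand-coding it.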
