Is there a line of defense against Distributed Reflective attacks?
hc
haesu at towardex.com
Fri Jan 17 05:03:56 UTC 2003
>
>
>>
>
> Good point.
>
> I suppose another basic but effective method of prevention would be
> egress filtering. An increasing minority of network providers are
> instituting it, but it doesn't seem like it will be a widespread thing
> in the near-term.
>
Yes, but egress filtering is only effective by far. Anyone can forge the
source to an IP address that belongs to one of the /16's a provider
advertises.
It will help of course, but really not The solution... Or is there one?
-hc
More information about the NANOG
mailing list