FW: Re: Is there a line of defense against Distributed Reflective attacks?

• Previous message (by thread): FW: Re: Is there a line of defense against Distributed Reflective attacks?
• Next message (by thread): FW: Re: Is there a line of defense against Distributed Reflective attacks?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, Jan 18, 2003 at 10:45:11PM -0600, Chris Adams wrote:
> How is this different than "ip verify unicast reverse-path" (modulo CEF
> problems and bugs, which of course NEVER happen :-) )?

It would be useful for all sorts of things besides verifying a source
address.  So in addition to complicated configurations such as multi-
homing/paths that you mention, it could also be useful for standard
filters on protocols, ports, logging and so on.

John

• Previous message (by thread): FW: Re: Is there a line of defense against Distributed Reflective attacks?
• Next message (by thread): FW: Re: Is there a line of defense against Distributed Reflective attacks?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]