Source address validation (was Re: UUNet Offer New Protection Against DDoS)

Christopher L. Morrow christopher.morrow at mci.com
Sun Mar 7 22:28:14 UTC 2004


removed paul from the direct reply since his mailserver doesn't like uunet
mail servers :)

On Sun, 7 Mar 2004, Stephen J. Wilcox wrote:

> > smurf attacks are far from 'non-existent' today, however they are not as
> > popular as in 1999-2000-2001.
>
> thats interesting, i've not seen/heard of one for ages.. (guess u have a wider
> testing ground :)
>

just last week we had one... they do still happen.

> > In fact netscan.org still shows almost 9k networks that are 'broken'.
>
> actually i just ran that file thro a quick awk and sort to see to what extent
> these networks exist..
>
> as you can see almost all only reply two or three times, not like in the old
> days with >100 replies being commonplace..
>

Sure, but a list of 9k networks with this leve of response is still enough
to do damage. It's getting better, no doubt about it but it's still a
factor.



--Chris
(formerly chris at uu.net)
#######################################################
## UUNET Technologies, Inc.                          ##
## Manager                                           ##
## Customer Router Security Engineering Team         ##
## (W)703-886-3823 (C)703-338-7319                   ##
#######################################################



More information about the NANOG mailing list