BCP38 making it work, solving problems

• Previous message (by thread): BCP38 making it work, solving problems
• Next message (by thread): BCP38 making it work, solving problems
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> For example, how many ISPs use TCP MD5 to limit the possibility of a 
> BGP/TCP connection getting hijacked or disrupted by a ddos attack?

i hope none use it for the latter, as it will not help.  more and
more use it for the former.  why?  becuase they perceived the need
to solve an immediate problem, a weakness in a vendor's code.

> Where ingress filters don't help, of course, is when the attacks come from 
> an apparently-legitimate address.

many folk see that this is the vast majority of the cases.  hence,
one reason for the lack of adoption of rfc 2827

randy

• Previous message (by thread): BCP38 making it work, solving problems
• Next message (by thread): BCP38 making it work, solving problems
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]