Interesting new spam technique - getting a lot more popular.
Andrew - Supernews
andrew at supernews.net
Wed Jun 14 16:58:14 UTC 2006
>>>>> "Mikael" == Mikael Abrahamsson <swmike at swm.pp.se> writes:
> On Wed, 14 Jun 2006, Christopher L. Morrow wrote:
>> is it really that hard to make your foudry/extreme/cisco l3 switch
>> vlan and subnet??? Is this a education thing or a laziness thing?
>> Is this perhaps covered in a 'bcp' (not even an official IETF
>> thing, just a hosters bible sort of thing) ?
Mikael> This problem is fixed by following the BCP regarding spoof
Mikael> filtering,
Only if you also filter _OUTGOING_ traffic, by port, to allow only the
destination IPs that the customer equipment should be seeing.
Filtering the ingress direction (customer equipment -> your network)
does not help (until _everyone_ does it), since the spammer only needs
to _receive_ traffic with the hijacked IP, not send it (that can be
done from the other corner of the spammer's triangle route).
--
Andrew, Supernews
http://www.supernews.com
More information about the NANOG
mailing list