Interesting new spam technique - getting a lot more popular.

• Previous message (by thread): Interesting new spam technique - getting a lot more popular.
• Next message (by thread): Interesting new spam technique - getting a lot more popular.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>>>>> "Mikael" == Mikael Abrahamsson <swmike at swm.pp.se> writes:

 > On Wed, 14 Jun 2006, Christopher L. Morrow wrote:
 >> is it really that hard to make your foudry/extreme/cisco l3 switch
 >> vlan and subnet??? Is this a education thing or a laziness thing?
 >> Is this perhaps covered in a 'bcp' (not even an official IETF
 >> thing, just a hosters bible sort of thing) ?

 Mikael> This problem is fixed by following the BCP regarding spoof
 Mikael> filtering,

Only if you also filter _OUTGOING_ traffic, by port, to allow only the
destination IPs that the customer equipment should be seeing.

Filtering the ingress direction (customer equipment -> your network)
does not help (until _everyone_ does it), since the spammer only needs
to _receive_ traffic with the hijacked IP, not send it (that can be
done from the other corner of the spammer's triangle route).

-- 
Andrew, Supernews
http://www.supernews.com

• Previous message (by thread): Interesting new spam technique - getting a lot more popular.
• Next message (by thread): Interesting new spam technique - getting a lot more popular.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]