BCP38 dismissal

Gadi Evron ge at linuxbox.org
Thu Sep 4 16:46:59 CDT 2008

On Thu, 4 Sep 2008, Patrick W. Gilmore wrote:
> On Sep 4, 2008, at 3:38 PM, Gadi Evron wrote:
>> On Thu, 4 Sep 2008, Jo Rhett wrote:
>>> On Sep 4, 2008, at 7:24 AM, James Jun wrote:
>>>> Indeed... In today's internet, protecting your own box (cp-policer/ 
>>>> control
>>>> plane filtering) is far more important IMO than implementing BCP38 when 
>>>> much
>>>> of attack traffic comes from legitimate IP sources anyway (see botnets).
>>> I'm sorry, but nonsense statements such as these burn the blood.  Sure, 
>>> yes, protecting yourself is so much more important than protecting anyone 
>>> else.
>>> Anyone else want to stand up and join the "I am an asshole" club?
>> "I'm an a??hole!" :o)
>> (lotsa folks get corporate "bad words" filters, here).
>> Seriously though, everyone should take care of their own end first. The 
>> problem is Jo doesn't seem to be in the loopon attacks from recent years, 
>> but I am unsure he would change his mind if he was/
> Gadi,
> Do you really want to suggest to people that they not implement BCP38?

No. Thank you for calling me on not explaining well.

I suggest that the guy is right. People should tajke care of their 
security first before going out and shouting at the world. That said, I 
also state that he is probably not in touch with what's been going on in 
the past few years.

Meaning, botnets *do* use spoofing, and DNS amplification attacks. The 
threat is not "theoretical" for a few years now and he may simply not be 
in on it.

As to preaching BCP38, well... it's not an easy leap of thought to make, 
that your security is tied into the state of security of a box sitting 
half-way around the world. But that's the case.


> -- 
> patrick

More information about the NANOG mailing list