BCP38 [Was: Re: TWC (AS11351) blocking all NTP?]
cb.list6 at gmail.com
Tue Feb 4 01:50:11 UTC 2014
On Feb 3, 2014 10:23 AM, "Paul Ferguson" <fergdawgster at mykolab.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> On 2/2/2014 2:17 PM, Cb B wrote:
> > And, i agree bcp38 would help but that was published 14 years ago.
> But what? Are you somehow implying that because BCP38 was
> "...published 14 years ago" (RFC2267 was initially published in 1998,
> and it was subsequently replaced by RFC2827)?
> I hope not, because BCP38 filtering would still help stop spoofed
> traffic now perpetuating these attacks, 14 years after BCP38 was
> published, because spoofing is at the root of this problem
> (reflection/amplification attacks).
> This horse is not dead, and still deserves a lot of kicking.
> - - ferg (co-author of BCP38)
I completely agree. My sphere of influence is bcp38 compliant. And,
networks that fail to support some form of bcp38 are nothing short of
That said, i spend too much time taking defensive action against ipv4 amp
udp attacks. And wishing others would deploy bcp38 does not solve today's
> - --
> Paul Ferguson
> VP Threat Intelligence, IID
> PGP Public Key ID: 0x54DC85B2
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.22 (MingW32)
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
> -----END PGP SIGNATURE-----
More information about the NANOG