Why won't providers source-filter attacks? Simple.

Paul Ferguson fergdawgster at mykolab.com
Thu Feb 6 03:48:24 UTC 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 2/5/2014 7:43 PM, Randy Bush wrote:

>>> The last-mile is the best possible place to filter, without
>>> breaking things.
>> I could not agree more. :-)
> 
> very large consumer populations are on metro-ether-like things.
> and it gets kinkier from there, don't eat before looking at what
> ntt-east has done with ngn.
> 
> i fear we really have most of the easy big deployments and all of
> the cool kids.  we're down to statistically small stubborn
> do-nothings and some folk with equipment that will take years to be
> pushed off net.
> 

Maybe. Maybe not.

I think it really depends how we approach the problem -- apparently
our approaches up until now have been failures to a certain degree. At
least 20-30% failure, if you believe the Spoofer Project numbers.

I'd like to think (and I am not happy smiley person as you well know)
that perhaps we can motivate some younger, brighter, ingenious people
who have not been tilting at this for 15 years to consider new ways to
approach this problem. :-)  <-- Smiley!

- - ferg


- -- 
Paul Ferguson
VP Threat Intelligence, IID
PGP Public Key ID: 0x54DC85B2

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iF4EAREIAAYFAlLzBggACgkQKJasdVTchbL8hwEAwXbejfCFaOQnqYz6v8xcXfb7
uTmSIWZj+kuiGh976lUA/A5gGGrrAzaVyp3SqX57p5AR8w9kfMQEEbVMLCn7il4R
=FE9f
-----END PGP SIGNATURE-----



More information about the NANOG mailing list