[107502] in North American Network Operators' Group
Re: BCP38 dismissal
daemon@ATHENA.MIT.EDU (Jo Rhett)
Thu Sep 4 13:23:04 2008
From: Jo Rhett <jrhett@netconsonance.com>
To: "Paul Wall" <pauldotwall@gmail.com>
In-Reply-To: <620fd17c0809041014n26cdcebo784c6de2f932e149@mail.gmail.com>
Date: Thu, 4 Sep 2008 10:18:28 -0700
Cc: nanog@merit.edu
Errors-To: nanog-bounces@nanog.org
On Sep 4, 2008, at 10:14 AM, Paul Wall wrote:
> On Thu, Sep 4, 2008 at 12:45 PM, Jo Rhett <jrhett@netconsonance.com>
> wrote:
>> I'm sorry, but nonsense statements such as these burn the blood.
>> Sure, yes,
>> protecting yourself is so much more important than protecting
>> anyone else.
>>
>> Anyone else want to stand up and join the "I am an asshole" club?
>
> uRPF is important. But all the uRPF in the world won't protect you
> against a little tcp/{22,23,179} SYN aimed at your Force 10 box.
>
> Ya know what I mean?
No. Because our F10s aren't suspectible to that, period. I think
this whole "control panel policing" is flat out wrong, but honestly to
argue that point I'd have to do some research into what Cisco is doing
these days (never had most of the good anti-dos and flood-control
stuff F10 has last time I looked) and frankly, it's not within my
scope of work so I left that alone.
The focus of my comment was on the "BCP38 isn't important", because
*THAT* is something that causes grief for me (and everyone) in the day
job.
--
Jo Rhett
Net Consonance : consonant endings by net philanthropy, open source
and other randomness
