[153722] in North American Network Operators' Group
Re: Whither Cometh BCP38?
daemon@ATHENA.MIT.EDU (Jay Ashworth)
Mon Jun 11 12:10:24 2012
Date: Mon, 11 Jun 2012 12:09:18 -0400 (EDT)
From: Jay Ashworth <jra@baylink.com>
To: NANOG <nanog@nanog.org>
In-Reply-To: <59F2B088-029A-42DC-8ADF-821D797B60D1@arbor.net>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
----- Original Message -----
> From: "Roland Dobbins" <rdobbins@arbor.net>
> On Jun 11, 2012, at 10:13 PM, Jay Ashworth wrote:
> > Or are spoofed-source-address attacks not, as Vix suggests,
> > significant and trending upwards?
>
> They're enjoying a renaissance because of attackers leveraging
> spoofing in order to enable DNS, SNMP, and ntp
> reflection/amplification DDoS attacks.
Ok, so your comment confirms that there's still a problem, and Mikael's,
that the tools to stop it from actually being a problem can *reasonably*
be expected to be in place in a reasonably large number of places where
they're needed.
So, are the knobs actually on? (I'm guessing "clearly, not")
Why?
Cheers,
-- jra
--
Jay R. Ashworth Baylink jra@baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII
St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274
