|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
X-Original-To: nanog@nanog.org To: ahebert@pubnix.net From: Mark Andrews <marka@isc.org> In-reply-to: Your message of "Thu, 29 Sep 2016 11:47:09 -0400." <b01d17bf-c4fe-4a60-0f1e-f7c2e61c5650@pubnix.net> Date: Fri, 30 Sep 2016 06:57:52 +1000 Cc: nanog@nanog.org Errors-To: nanog-bounces@nanog.org Even if the customers are unaware of the spoofed traffic, ISPs should be aware which leaves them open for "aiding and abetting". This doesn't require inspecting the payload of the packets. This is the IP header which they are expected to examine and for which there is a BCP saying to drop spoofed packets. Sources are used for policy routing so the source field is expected to be processed. I would expect a Judge to take into consideration the BCP in deciding whether a ISP should be aware of the issue when deciding if a ISP is aiding and abetting by allowing spoofed packets to enter their network. Mark In message <b01d17bf-c4fe-4a60-0f1e-f7c2e61c5650@pubnix.net>, Alain Hebert writes: > Well there is money to be made in DDoS protection... See our > "friends" still hosting "those" pay sites. > > Do not expect the vendors to cut themself of that market. > > ----- > Alain Hebert ahebert@pubnix.net > PubNIX Inc. > 50 boul. St-Charles > P.O. Box 26770 Beaconsfield, Quebec H9W 6G7 > Tel: 514-990-5911 http://www.pubnix.net Fax: 514-990-9443 > > On 09/29/16 11:31, Leo Bicknell wrote: > > In a message written on Tue, Sep 27, 2016 at 08:44:35PM +0000, White, Andrew wrote: > >> This assumes the ISP manages the customer's CPE or home router, which is often not the case. Adding such ACLs > to the upstream device, operated by the ISP, is not always easy or feasible. > > Unicast RFP should be a feature every ISP requires of all edge > > devices for at least 15 years now. It should be on by default for > > virtually all connections, and disabled only by request or when > > there are circumstances to suggest it would break things (e.g. a > > request for BGP with full tables over the link). > > > > At this point there's no excuse, anyone who has gear who can't do > > that has been asleep at the switch. It's been a standard feature > > in too much gear for too long. > > > -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |