[27322] in North American Network Operators' Group
Re: Internet SYN Flooding, spoofing attacks
daemon@ATHENA.MIT.EDU (Vijay Gill)
Fri Feb 11 22:48:34 2000
Date: Fri, 11 Feb 2000 22:44:59 -0500 (EST)
From: Vijay Gill <wrath@cs.umbc.edu>
To: Paul Ferguson <ferguson@cisco.com>
Cc: nanog@merit.edu
In-Reply-To: <4.2.2.20000211213043.00a26630@lint.cisco.com>
Message-ID: <Pine.SOL.3.95.1000211224410.17799J-100000@mailserver-ng.cs.umbc.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
On Fri, 11 Feb 2000, Paul Ferguson wrote:
> >Unicast RPF where appropriate and filters where appropriate, life would
> >become better. -- exhibit [a]
> C might have some problems doing Unicast RPF, but it certainly
> wouldn't have problems doing RFC2267-style filtering on it's
> access link to D; likewise ther might be many "mini" connections
> from C to other smaller downstream customers. THAT is where this
> filtering needs to occur.
I suspect we are in violent agreement here. See exhibit [a]
/vijay
