[36195] in North American Network Operators' Group
RE: dsl providers that will route /24
daemon@ATHENA.MIT.EDU (David Schwartz)
Thu Mar 29 21:53:08 2001
From: "David Schwartz" <davids@webmaster.com>
To: "Eric A. Hall" <ehall@ehsco.com>
Cc: <nanog@nanog.org>
Date: Thu, 29 Mar 2001 18:40:09 -0800
Message-ID: <NCBBLIEPOCNJOAEKBEAKOEJDOBAA.davids@webmaster.com>
MIME-Version: 1.0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
In-Reply-To: <3AC3C287.CACC9F21@ehsco.com>
Errors-To: owner-nanog-outgoing@merit.edu
> > Not so. You could still never be sure whether the attack was spoofed
> > or not. That the address the attacks appear to come from employ source
> > filters doesn't help you.
>
> This is your excuse not to filter? That there is one other network which
> doesn't, so the network is already insecure?
>
> Would the network be more secure if you also filtered or less secure if
> you didn't?
It's less secure if peoplee can spoof packets without detection. Filtering
is one means of solving this problem. There are others. Filtering is not a
perfect solution, there are others that are even better than filtering, they
just take more work.
DS
