[4339] in North American Network Operators' Group
Re: Re[4]: SYN floods (was: does history repeat itself?)
daemon@ATHENA.MIT.EDU (Curtis Villamizar)
Thu Sep 12 22:22:52 1996
To: pcalhoun@usr.com (Pat Calhoun)
cc: chuckie@panix.com (Alec H. Peterson), Alexis Rosen <alexis@panix.com>,
nanog@merit.edu, perry@piermont.com
Reply-To: curtis@ans.net
In-reply-to: Your message of "Tue, 10 Sep 1996 13:21:45 CDT."
<234661D0.3000@usr.com>
Date: Thu, 12 Sep 1996 22:18:35 -0400
From: Curtis Villamizar <curtis@ans.net>
In message <234661D0.3000@usr.com>, Pat Calhoun writes:
> Alexis,
>
> However if you are filtering on your outbound router to the net,
> there is still the possbility that a malicious user could spoof
> addresses as long as they belong to your address space. By moving the
> filter out to the edge (when you have the equipment) this eliminates
> that problem as well.
>
> Pat R. Calhoun e-mail: pcalhoun@usr.com
> Project Engineer - Lan Access R&D phone: (847) 933-5181
> US Robotics Access Corp.
Know what ISP the traffic is coming from is enormously useful compared
to "its coming from NSP X" or worse yet, "its coming from someone on
Mae-East". That's often were we start from these days.
Curtis
