[52655] in North American Network Operators' Group

Re: what's that smell?

daemon@ATHENA.MIT.EDU (Iljitsch van Beijnum)
Tue Oct 8 10:41:00 2002

Date: Tue, 8 Oct 2002 16:40:09 +0200 (CEST)
From: Iljitsch van Beijnum <iljitsch@muada.com>
To: "Kelly J. Cooper" <kcooper@genuity.net>
Cc: <nanog@merit.edu>
In-Reply-To: <Pine.SOL.4.31.0210081408430.25834-100000@burlma1-sshare2.gtei.net>
Errors-To: owner-nanog-outgoing@merit.edu


On Tue, 8 Oct 2002, Kelly J. Cooper wrote:

> Also, egress filtering is NOT easy,

I don't care. And it doesn't have to be egress filtering as such,
filtering packets you receive from your customers will work just as well.

> Plus, lots of attacks these days are mixing spoofed and legit traffic,
> or doing limited spoofing (i.e. picking random addresses on the LAN
> where they originate to make it past filters).

What's your point? That because someone can do bad thing #1 that can't be
prevented, we should allow them to do bad thing #2 that can?

If they use (semi-) legitimate addresses, at the very least I can track
them and with some effort I can filter them. If they spoof then I can't do
anything. This is not acceptable.

