[60241] in North American Network Operators' Group
Re: WANTED: ISPs with DDoS defense solutions
daemon@ATHENA.MIT.EDU (Randy Bush)
Mon Aug 4 17:41:32 2003
From: Randy Bush <randy@psg.com>
Date: Mon, 4 Aug 2003 14:41:01 -0700
To: bdragon@gweep.net
Cc: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu
>>>> Filtering the bogons does help, and everyone should perform anti-spoofing
>>>> in the appropriate places. It isn't, however, a silver bullet.
>>> it's necessary but not sufficient.
>> anti-spoofing is useful, but vastly insufficient, and hence not necessary
> anti-spoofing eliminates certain avenues of attack allowing one to focus
> on remaining avenues, and hence (as Vix stated) is necessary but not
> sufficient.
it turns 1% of the technical problem into a massive social business
problem which, even if it was solvable (which it practically isn't),
would also be addressed by technical solutions where no spoofing is
involved.
but it would provide a lot of fun and soapboxes for wannabe net
police and vigilantes.
randy
