[64978] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: uRPF-based Blackhole Routing System Overview

daemon@ATHENA.MIT.EDU (Kevin C Miller)
Fri Nov 7 14:27:41 2003

Date: Fri, 07 Nov 2003 14:26:07 -0500
From: Kevin C Miller <kevinm@andrew.cmu.edu>
To: Nanog Mailing list <nanog@merit.edu>
In-Reply-To: <Pine.LNX.4.44.0311071223210.18779-100000@shell.geek.net>
Errors-To: owner-nanog-outgoing@merit.edu


FWIW, I presented a paper at LISA last week that described almost an 
identical configuration. Slides and paper are available from 
http://www.net.cmu.edu/pres/lisa03

-Kevin

--On Friday, November 07, 2003 1:19 PM -0600 "Robert A. Hayden" 
<rhayden@geek.net> wrote:

> uRPF was designed primarily to block spoofed IPs.  However, you can trick
> it into blocking non-spoofed IPs by making the routing table think the IP
> address should legitimately be located somewhere else.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[64978] in North American Network Operators' Group

Re: uRPF-based Blackhole Routing System Overview

daemon@ATHENA.MIT.EDU (Kevin C Miller)Fri Nov 7 14:27:41 2003

daemon@ATHENA.MIT.EDU (Kevin C Miller)
Fri Nov 7 14:27:41 2003