[93084] in North American Network Operators' Group

home help back first fref pref prev next nref lref last post

Re: register.com down sev0?

daemon@ATHENA.MIT.EDU (Patrick W. Gilmore)
Thu Oct 26 11:51:21 2006

In-Reply-To: <17728.54054.227200.476912@roam.psg.com>
Cc: "Patrick W. Gilmore" <patrick@ianai.net>
From: "Patrick W. Gilmore" <patrick@ianai.net>
Date: Thu, 26 Oct 2006 11:34:40 -0400
To: nanog@merit.edu
Errors-To: owner-nanog@merit.edu


On Oct 26, 2006, at 11:24 AM, Randy Bush wrote:

> the case for which we know bcp 38 is useful, is the dns reflector
> attack.  so far, botnets seem to have no need to spoof, they just
> overwhelm you with zombies from real space.

Incorrect.

While that is one mode of attack from a botnet, it is not the only  
mode.  And there are reasons for even botnets to spoof source  
addresses.  And reasons that the attack-ee would prefer they did not.

Randy, are you REALLY arguing -against- BCP38?  Or just yanking  
Fergie's chain 'cause it wouldn't have helped in this particular  
instance?

-- 
TTFN,
patrick


home help back first fref pref prev next nref lref last post