Re: no ip forged-source-address

From: Craig A. Huegen (no email)
Date: Wed Oct 30 2002 - 16:34:40 EST

On Wed, Oct 30, 2002 at 09:26:30PM +0200, Hank Nussbacher wrote:

==>Traceback would get me instantly back to the offending subnet but then it
==>would take a bit of digging on the network admin to track me down and
==>applying RPF checking won't help.

I think the issue we need to tackle is ensuring that packets originate,
at minimum, from the organization who holds the address space in the
source address.

I'm happy getting it down to the organizational level (note that in a
larger enterprise organization it may not even be to subnet level). At
least then we have an accountable party.


Hosted Email Solutions

Invaluement Anti-Spam DNSBLs

Powered By FreeBSD   Powered By FreeBSD