Re: no ip forged-source-address

From: Craig A. Huegen (no email)
Date: Wed Oct 30 2002 - 16:34:40 EST


On Wed, Oct 30, 2002 at 09:26:30PM +0200, Hank Nussbacher wrote:

==>Traceback would get me instantly back to the offending subnet but then it
==>would take a bit of digging on the network admin to track me down and
==>applying RPF checking won't help.

I think the issue we need to tackle is ensuring that packets originate,
at minimum, from the organization who holds the address space in the
source address.

I'm happy getting it down to the organizational level (note that in a
larger enterprise organization it may not even be to subnet level). At
least then we have an accountable party.

/cah








Hosted Email Solutions

Invaluement Anti-Spam DNSBLs



Powered By FreeBSD   Powered By FreeBSD