From: Scott Francis (no email)
Date: Wed Sep 03 2003 - 17:07:43 EDT
On Sun, Aug 31, 2003 at 02:34:28PM -0700, said:
[snip]
> What you are saying works only so long as none of your edge connections
> represent a significant portion of the internet. How do you anti-spoof,
> for example, a peering link with SPRINT or UUNET? It's not realistic
> to think that you know which addresses could or could not legitimately
> come from them.
another poster wrote that the spoofed traffic he was seeing was coming from
0.0.0.4 - 40.0.0.0 in .4 increments ... simple bogon filtering would get rid
of a good chunk of that space. Granted, it's a small subset of anti-spoof
filtering, but there are still networks out there that don't even make _that_
best effort.
If folks would simply make the best effort they could, given their situation,
the Internet as a whole would be a dramatically nicer place. That best effort
will vary greatly by situation, but even a partial attempt is better than
none at all.
--
Scott Francis || darkuncle (at) darkuncle (dot) net
illum oportet crescere me autem minui
|
|
|