Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: ICMP Attacks???????

  • From: Danny McPherson
  • Date: Thu Aug 21 18:50:17 1997

> That's helpful, but even as an RFC people still have to be aware that
> the problem exists before they do anything about it.  A typical person
> that I deal with would be a small networking integrator that is selling
> Bay routers to school districts.  This is not somebody who reads
> RFCs, and most of them don't have any idea what issues face the
> Internet today.  I'm not sure what we can do, but this is one of the
> types of people that severely need the education.  I guess it probably
> falls back on the vendors here to educate their resellers and customers.

Ideally, ingress filtering would be applied as close to the edges as possible. 
 This, for obvious reasons (one of which you pointed out above), isn't 
feasible.  What is feasible is that all providers that possess some amount of 
cluefulness (this should cover *most* at the public exchanges),  deploy 
ingress filtering on their customer connections.

IMO, vendors should only be accountable for providing mechanisms to put these 
policies in place, most of which already exist.  It's the responsibility of 
the participants of groups such as this to see that those policies are 
deployed.

-danny





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.