Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Fwd: Protocol Action: Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing to BCP

  • From: Paul Ferguson
  • Date: Tue Feb 15 11:59:23 2000

FYI,

- paul


>To: IETF-Announce:;
>Cc: RFC Editor <rfc-editor@isi.edu>
>Cc: Internet Architecture Board <iab@isi.edu>
>From: The IESG <iesg-secretary@ietf.org>
>Subject: Protocol Action: Network Ingress Filtering: Defeating Denial
>         of Service Attacks which employ IP Source Address Spoofing to BCP
>Date: Tue, 15 Feb 2000 09:23:37 -0500
>Sender: scoya@cnri.reston.va.us
>
>
>
>The IESG has approved 'Network Ingress Filtering: Defeating Denial of
>Service Attacks which employ IP Source Address Spoofing' <rfc2267> as a
>Best Current Practice.
>
>The IESG Contact Persons are Randy Bush and Bert Wijnen.
>
>  
>Technical Summary
>  
>  This document describes recommended router configurations to reduce
>  likelihood of attacks over the network.  It describes how an ISP customer
>  aggregation router should be configured to prevent a customer from sending
>  packets with source addresses from space other than their own.
>
>Working Group Summary
>
>  This is not the product of a working group, but has been used in practice,
>  has passed general IETF last call twice, and is generally considered to be
>  good practice.
>
>Protocol Quality
>
>  This was reviewed for the IESG by Randy Bush.
>






Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.