Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: what's that smell?

  • From: Iljitsch van Beijnum
  • Date: Tue Oct 08 10:42:45 2002

On Tue, 8 Oct 2002, Kelly J. Cooper wrote:

> Also, egress filtering is NOT easy,

I don't care. And it doesn't have to be egress filtering as such,
filtering packets you receive from your customers will work just as well.

> Plus, lots of attacks these days are mixing spoofed and legit traffic,
> or doing limited spoofing (i.e. picking random addresses on the LAN
> where they originate to make it past filters).

What's your point? That because someone can do bad thing #1 that can't be
prevented, we should allow them to do bad thing #2 that can?

If they use (semi-) legitmate addresses, at the very least I can track
them and with some effort I can filter them. If they spoof then I can't do
anything. This is not acceptable.





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.