North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: FW: Re: Is there a line of defense against Distributed Reflective attacks?
- From: John Kristoff
- Date: Sun Jan 19 08:38:13 2003
On Sat, Jan 18, 2003 at 10:45:11PM -0600, Chris Adams wrote:
> How is this different than "ip verify unicast reverse-path" (modulo CEF
> problems and bugs, which of course NEVER happen :-) )?
It would be useful for all sorts of things besides verifying a source
address. So in addition to complicated configurations such as multi-
homing/paths that you mention, it could also be useful for standard
filters on protocols, ports, logging and so on.