North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Source address validation (was Re: UUNet Offer New Protection
- From: Paul Vixie
- Date: Sun Mar 07 02:26:37 2004
email@example.com (Sean Donelan) writes:
> How many exploits does uRPF block?
that's hard to measure since we end up not receiving those. but one can
assume that spoofed-source attacks aren't tried, either because (1) it's
easier to just use a high number of windows-xp drones, or because of (2)
> Does uRPF solve more problems than it causes, and saves more than it costs?
until you know what percentage of the attacks you don't see is due to (1)
vs (2) above, you can't really pose that question meaningfully. anytime
there's a way to protect against a whole class of attack weapons, we have
to deploy it. this is war, information warfare. let's deprive the enemy
of options until we can force them to meet us on our own chosen terms.