North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Interesting new spam technique - getting a lot more popular.
- From: Andrew - Supernews
- Date: Wed Jun 14 12:59:27 2006
>>>>> "Mikael" == Mikael Abrahamsson <email@example.com> writes:
> On Wed, 14 Jun 2006, Christopher L. Morrow wrote:
>> is it really that hard to make your foudry/extreme/cisco l3 switch
>> vlan and subnet??? Is this a education thing or a laziness thing?
>> Is this perhaps covered in a 'bcp' (not even an official IETF
>> thing, just a hosters bible sort of thing) ?
Mikael> This problem is fixed by following the BCP regarding spoof
Only if you also filter _OUTGOING_ traffic, by port, to allow only the
destination IPs that the customer equipment should be seeing.
Filtering the ingress direction (customer equipment -> your network)
does not help (until _everyone_ does it), since the spammer only needs
to _receive_ traffic with the hijacked IP, not send it (that can be
done from the other corner of the spammer's triangle route).