Home page logo
/

nanog logo nanog mailing list archives

RE: Network Operators and smurf
From: Doug Stanfield <DOUGS () oceanic com>
Date: Mon, 27 Apr 1998 07:22:06 -1000

Don't assume it's not needed for the 75xx, or anything else for that
matter.  Many networks are single connected to routers that are also
acting multihomed to core providers and these boxes are being used.

Doug Stanfield                          Oceanic Cable            
Data Networking Manager         200 Akamainui St.
dougs () oceanic com            Mililani, HI  96789


        
        Usially the low-end traffic is symmetrical. The problem is that
CEF code 
        and other anty-frauding realisations are appearing for the
high-end 
        routers, white they are nessesary for the low-end routers and
useless for 
        the core routers. For cisco, we need this future for
4500/4700/3640/2511 
        ASAP, 720x slightly, and don't need it for 75xx at all.





        On Sat, 25 Apr 1998, Al Reuben wrote:

        > Date: Sat, 25 Apr 1998 12:30:50 -0400 (EDT)
        > From: Al Reuben <alex () nac net>
        > To: Havard.Eidnes () runit sintef no
        > Cc: jra () scfn thpl lib fl us, nanog () merit edu
        > Subject: Re: Network Operators and smurf
        > 
        > 
        > > This should (naturally) be implemented where routing is
symmetric
        > > and where a "reverse-path check" (looking up the source
address in
        > > the routing table to find the "expected" incoming interface
and
        > > checking whether the packet did indeed enter through that
interface)
        > 
        > The big question is, what do you do if most of your traffic
_is_
        > asymetrical? I mean, a more basic check could be, "Does the
network that
        > this packet was sourced from exist *at all*?", or "Do I have a
route back
        > to the source network through *any* interface?"
        > 
        > That would cut down on a good amount of spoofing, like the
idiots who
        > spoof from 1.1.1.1 etc.
        > 
        > 
        > 

        Aleksei Roudnev, Network Operations Center, Relcom, Moscow
        (+7 095) 194-19-95 (Network Operations Center Hot Line),(+7 095)
239-10-10, N 13729 (pager)
        (+7 095) 196-72-12 (Support), (+7 095) 194-33-28 (Fax)


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]