mailing list archives
RE: Network Operators and smurf
From: Doug Stanfield <DOUGS () oceanic com>
Date: Mon, 27 Apr 1998 07:22:06 -1000
Don't assume it's not needed for the 75xx, or anything else for that
matter. Many networks are single connected to routers that are also
acting multihomed to core providers and these boxes are being used.
Doug Stanfield Oceanic Cable
Data Networking Manager 200 Akamainui St.
dougs () oceanic com Mililani, HI 96789
Usially the low-end traffic is symmetrical. The problem is that
and other anty-frauding realisations are appearing for the
routers, white they are nessesary for the low-end routers and
the core routers. For cisco, we need this future for
ASAP, 720x slightly, and don't need it for 75xx at all.
On Sat, 25 Apr 1998, Al Reuben wrote:
> Date: Sat, 25 Apr 1998 12:30:50 -0400 (EDT)
> From: Al Reuben <alex () nac net>
> To: Havard.Eidnes () runit sintef no
> Cc: jra () scfn thpl lib fl us, nanog () merit edu
> Subject: Re: Network Operators and smurf
> > This should (naturally) be implemented where routing is
> > and where a "reverse-path check" (looking up the source
> > the routing table to find the "expected" incoming interface
> > checking whether the packet did indeed enter through that
> The big question is, what do you do if most of your traffic
> asymetrical? I mean, a more basic check could be, "Does the
> this packet was sourced from exist *at all*?", or "Do I have a
> to the source network through *any* interface?"
> That would cut down on a good amount of spoofing, like the
> spoof from 126.96.36.199 etc.
Aleksei Roudnev, Network Operations Center, Relcom, Moscow
(+7 095) 194-19-95 (Network Operations Center Hot Line),(+7 095)
239-10-10, N 13729 (pager)
(+7 095) 196-72-12 (Support), (+7 095) 194-33-28 (Fax)
RE: Network Operators and smurf Martin, Christian (Apr 26)
RE: Network Operators and smurf Doug Stanfield (Apr 27)