nanog mailing list archives
Re: Blocking spoofing at the source (was: ICMP Attacks??)
From: David Bolen <db3l () ans net>
Date: Fri, 29 Aug 97 19:16:47 EDT
Robert Sanders <rsanders () mindspring net> writes:
I plan to deploy anti-spoofing filters throughout our access network before the end of September. Is anybody else running or planning to implement similar filters?
We've been doing this (also with USR total control hardware) since we first started handling large scale dialup IP a bit over a year ago. Before USR had the dynamic filters, we just preloaded per-customer filters into each box and referenced it with a normal filter id. While we couldn't make the filters specific to the user, they did restrict traffic to the source address block from which all dynamic addresses were assigned, so even if they spoofed, it would still track back to a block that ANS was identified with, and we could work backwards through our call records to try to track it down. -- David /-----------------------------------------------------------------------\ \ David Bolen \ Internet: db3l () ans net / | ANS Communications, Inc. \ Phone: (914) 789-5327 | / 100 Clearbrook Road, Elmsford, NY 10523 \ Fax: (914) 789-5310 \ \-----------------------------------------------------------------------/
Current thread:
- Re: Blocking spoofing at the source (was: ICMP Attacks??) Joe Rhett (Aug 22)
- <Possible follow-ups>
- Re: Blocking spoofing at the source (was: ICMP Attacks??) David Bolen (Aug 29)