Vulnerability Development mailing list archives

Re: Networking theories


From: Matthew.King () CWO NET AU (Matthew King)
Date: Sun, 7 May 2000 07:15:23 +1000


Hi.

I was referring to large providers doing checking on packets leaving their
networks to make sure that the source is really on the right side of their
network.. Ingress checking can be a problem (if you do it with Cisco
routers) if your network has asymmetrical routes.. Either way.. Very few
providers that I know of (anywhere) do it..

Cya
Matthew

 -----Original Message-----
From:   Jason Legate [mailto:jlegate () alienchick com]
Sent:   Saturday, 6 May 2000 8:02 PM
To:     Matthew King
Cc:     VULN-DEV () SECURITYFOCUS COM
Subject:        Re: Networking theories

Wouldn't this be ingress checking?  Checking incoming packets to see if
they are coming from network space on the inside?

-j

On Sat, May 06, 2000 at 10:58:20AM +1000, Matthew King wrote:
Hi.

Not many ISPs or providers actually do that kind of egress checking.. I do
not know of many here in Oz that do.

Cya
Matthew

 -----Original Message-----
From:         Bluefish [mailto:11a () GMX NET]
Sent: Saturday, 6 May 2000 10:07 AM
To:   VULN-DEV () SECURITYFOCUS COM
Subject:      Re: Networking theories

victim.org(spoofed) ---> ICMP(source-quench) ---> router.victim.org

Actually, there was an email from... cert (I think) ... intended for larger
companies and ISPs with guidelines for combating DDoS. Among those
guidelines there were recommendations of checking source IP. So it's a
known problem which responsible ISPs will stop (but probably most don't)

..:::::::::::::::::::::::::::::::::::::::::::::::::..
     http://www.11a.nu || http://bluefish.11a.nu
    eleventh alliance development & security team

--
/-------/ Jason Legate \-------\
|    jlegate () sitesmith com     |
|        SiteSmith, Inc        |
\-\ http://www.sitesmith.com /-/
 \----\ 24x7 Call Center /----/
  \----\  888.898.7667  /----/
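
An added illustration of the source-address checking discussed in this thread; it is not code from any poster or vendor. Interface names, prefixes and the routing table are constructed, and the route-based check is modelled as a strict reverse-path lookup, which is an assumption about the mechanism meant by the asymmetric-routes remark.

```python
import ipaddress

# Constructed sample data: RFC 5737 documentation prefixes, hypothetical interfaces.
CUSTOMER_PREFIXES = {
    "cust0": [ipaddress.ip_network("192.0.2.0/24")],
    "cust1": [ipaddress.ip_network("198.51.100.0/24")],
}

# Best-path routing table. 198.51.100.0/24 is multihomed: its packets arrive
# on cust1, but the provider's best route back points at peer0 (asymmetric).
ROUTES = [
    (ipaddress.ip_network("192.0.2.0/24"), "cust0"),
    (ipaddress.ip_network("198.51.100.0/24"), "peer0"),
    (ipaddress.ip_network("0.0.0.0/0"), "upstream0"),
]

def prefix_filter_ok(in_iface, src):
    """Static filter: source must lie in a prefix assigned to the arrival interface."""
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in CUSTOMER_PREFIXES.get(in_iface, []))

def best_route_iface(src):
    """Longest-prefix match for the route back towards the source address."""
    addr = ipaddress.ip_address(src)
    matches = [(net, iface) for net, iface in ROUTES if addr in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def reverse_path_ok(in_iface, src):
    """Strict reverse-path check: best route to the source must use the arrival interface."""
    return best_route_iface(src) == in_iface

def classify(packets):
    """Return (iface, src, static_filter_verdict, reverse_path_verdict) per packet."""
    return [(i, s, prefix_filter_ok(i, s), reverse_path_ok(i, s)) for i, s in packets]

# Constructed packets: (arrival interface, claimed source address).
PACKETS = [
    ("cust0", "192.0.2.10"),    # legitimate, symmetric routing
    ("cust0", "203.0.113.5"),   # source not assigned to this customer (spoofed)
    ("cust1", "198.51.100.7"),  # legitimate, but the return path is asymmetric
]

if __name__ == "__main__":
    for iface, src, static_ok, rpf_ok in classify(PACKETS):
        print(f"{iface:6} {src:14} static={'pass' if static_ok else 'drop'} "
              f"reverse-path={'pass' if rpf_ok else 'drop'}")
```

The third packet is the failure case: the static prefix filter passes it, while the route-based check drops legitimate traffic because the return route uses a different interface.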


