Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: DDOS Countermeasures RFC

From: Ryan Russell <ryan () securityfocus com>
Date: Wed, 31 Jan 2001 09:35:26 -0700 (MST)
On Wed, 31 Jan 2001, Eric Vyncke wrote:


As a Cisco employee, I would be afraid of changing the default behavior
of a router. This would generate thousands of calls to our support center
of people complaining: 'this was working before but after upgrade
it does not work anymore' (for people having a non 'leaf-subnet')... ;-)


I realize there would be a period of pain.  I'm of the opinion that Cisco
just has to suck it up and take one for the team.



As you probably know, this command is already existing under a more
esoteric form:
   ip verify unicast reverse-path



Being on by default is the key, by my thinking.

                                        Ryan

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: