nanog mailing list archives
Re: Re[2]: SYN floods (was: does history repeat itself?)
From: Joel Gallun <joel () wauug erols com>
Date: Thu, 12 Sep 1996 14:52:10 -0400 (EDT)
What you propose is a Good Thing (tm), but I don't think it's sufficient. It still doesn't protect the 'net from antisocial behavior perpetrated by someone who has penetrated a system with dedicated access to the 'net.

It seems like it would still be necessary for anyone selling dedicated access to install Good Neighbor (tm) anti-spoofing filters on their inbound interfaces (which probably requires MIPS that the routers in the field don't have).

Regards,
Joel

On Thu, 12 Sep 1996, John G. Scudder wrote:
At 1:44 PM -0400 9/12/96, Curtis Villamizar wrote:

I agree with you completely -- sort of. Only problem is there are thought to be some 3,000 dial access providers. Many of them barely know what a TCP SYN is, let alone why they need to block ones with random source addresses and how.
Unless of course you are
^^^^^^^^^^^^^^^^^^^^^^^^
volunteering to explain it and help them. Thanks in advance. :-)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Curtis, this is a great point. USR and other NAS vendors are actually in a great position to do exactly this, by changing their boxes to block random addresses *by default* on dial-up ports. This is of course exactly the point Vadim and others keep making, and of course as they point out there ought to be a knob to disable it if desired.

Insofar as guys who "barely know what a TCP SYN is" are unlikely to twist the knobs, defaulting filtering to "block spoofed addresses" seems like the best and maybe only way to get them to do it. How about it, USR &al?

--John

--
John Scudder                        email: jgs () ieng com
Internet Engineering Group, LLC     phone: (313) 669-8800
122 S. Main, Suite 280              fax: (313) 669-8661
Ann Arbor, MI 41804                 www: http://www.ieng.com
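
The per-port source-address check discussed in this message, as an added example that is not part of the original email or any vendor's code: a small Python model of a filter that is on by default, has a knob to disable it, and covers both dial-up ports and a dedicated line. The `Port` class, `filter_inbound` function, port names and addresses are all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass
class Port:
    """A customer-facing interface: one dial-up port or one dedicated line."""
    name: str
    assigned: tuple          # prefixes legitimately sourced behind this port
    antispoof: bool = True   # on by default; the knob an operator may turn off

    def permits(self, src: str) -> bool:
        """True if a packet with this source address may enter on this port."""
        if not self.antispoof:
            return True
        addr = ipaddress.ip_address(src)
        return any(addr in ipaddress.ip_network(p) for p in self.assigned)


def filter_inbound(ports, packets):
    """Split packets into (forwarded, dropped) by per-port source check."""
    by_name = {p.name: p for p in ports}
    forwarded, dropped = [], []
    for pkt in packets:
        port_name, src = pkt[0], pkt[1]
        (forwarded if by_name[port_name].permits(src) else dropped).append(pkt)
    return forwarded, dropped


# Constructed sample data (RFC 5737 documentation addresses).
PORTS = [
    Port("dialup-1", ("192.0.2.17/32",)),      # address handed out at login
    Port("leased-7", ("198.51.100.0/26",)),    # dedicated customer's block
    Port("dialup-2", ("192.0.2.18/32",), antispoof=False),  # knob turned off
]
PACKETS = [  # (ingress port, source, destination, TCP flags)
    ("dialup-1", "192.0.2.17", "203.0.113.80", "SYN"),      # honest user
    ("dialup-1", "10.200.3.9", "203.0.113.80", "SYN"),      # random source
    ("leased-7", "198.51.100.40", "203.0.113.80", "SYN"),   # inside block
    ("leased-7", "198.51.100.200", "203.0.113.80", "SYN"),  # outside block
    ("dialup-2", "172.16.5.5", "203.0.113.80", "SYN"),      # unfiltered port
]

if __name__ == "__main__":
    fwd, drop = filter_inbound(PORTS, PACKETS)
    for pkt in drop:
        print("dropped", pkt)
    print(len(fwd), "forwarded,", len(drop), "dropped")
```

The last packet shows the cost of turning the knob off: with `antispoof=False` the port forwards a source address it was never assigned.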