nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: ICMP Attacks???????

From: "Peter E. Giza" <giza () adsmart net>
Date: Thu, 21 Aug 1997 20:55:16 -0400
Make them read the 'ingress/egress filtering' by Paul Fergusson et. al.
Apologies to
Paul if I spelled his name incorrectly.

Jon Green wrote:


On Thu, 21 Aug 1997 13:18:34 -0700, fair () clock org writes:


There is another mitigation: everyone here should commit to filtering



customer packets at the customer premesis router (or at the dial in

for

PPP/SLIP) such that it is not possible for a customer to send a

packet into

the network that has an IP source address on it that is not assigned

to

that customer. That is, no more lying about source addresses.


Every time I show a customer of mine how to configure a router, I
try to educate them on this.  We need some kind of massive marketing
effort to get this out to people though.  People would do it, but
nobody
knows about it.

Maybe we should get CyberPromo to spam all the technical contacts
in Internic's database to tell them how to do filtering. :)

-Jon

     -----------------------------------------------------------------

    *      Jon Green            *         "Life's a dance
*
   *   jcgreen () netINS net       *          you learn as you go"
*
  *  Finger for Geek Code/PGP
*                                       *
 *  #include "std_disclaimer.h" *
http://www.netins.net/showcase/jcgreen *
 -
-----------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: