nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Denial of service attacks apparently from UUNET Netblocks

From: "Justin W. Newton" <justin () priori net>
Date: Wed, 08 Oct 1997 15:53:25 -0700
At 05:57 PM 10/8/97 EDT, Barney Wolff wrote:

Let me try again, since it seems I wasn't clear enough.  There's been
a lot of delightful talk about whether/how to retrieve the calling phone
on a given port.  But none about how to determine with confidence which
port the nasty packets come from.  Without source address assurance,
any user on any port of any dialin box can source packets with any IP
address(es) desired.  So you don't know which port to go get ANI/CLID
for.


I have been talking to several vendors for several months regarding setting
up filters with variables in them such as $MY_IP which would allow us to do
per port per IP filtering based on the IP address which is based on the IP
of the person dialed in was assigned either by the NAS or the RADIUS
server.  I know of at least 2 vendors which will be releasing the "soon".

**************************************************************
Justin W. Newton                        voice: +1-650-482-2840  
Senior Network Architect                  fax: +1-650-482-2844
PRIORI NETWORKS, INC.                    http://www.priori.net
Legislative and Policy Director, ISP/C   http://www.ispc.org
"The People You Know.  The People You Trust."
**************************************************************
Previous By Date Next
Previous By Thread Next

Current thread: