nanog mailing list archives

Re: SYN spoofing

From: Daniel Senie <dts () senie com>
Date: Wed, 28 Jul 1999 14:45:53 -0400


Wayne Bouchard wrote:


Right, but ISPs can still filter on the corporate networks and at the
aggregation points for DSL and dial and any non-bgp customer. Those
talking BGP to you should be encouraged to do similarly. The full
thing is like next to impossible to maintain but doing these kinds of
relatively stady-state bits and pieces can help.


And especially filtering out stuff like RFC 1918 source addresses and
such. That kind of thing should be possible on all routers (core and
edge) rather than adding to the pollution on the 'net.

-- 
-----------------------------------------------------------------
Daniel Senie                                        dts () senie com
Amaranth Networks Inc.            http://www.amaranthnetworks.com

Current thread:

SYN spoofing bandregg (Jul 26)
- Re: SYN spoofing Dan Hollis (Jul 26)
  - Re: SYN spoofing John Fraizer (Jul 28)
    - Re: SYN spoofing Joe Shaw (Jul 28)
    - Re: SYN spoofing Daniel Senie (Jul 28)
    - Re: SYN spoofing Greg A. Woods (Jul 28)
    - Re: SYN spoofing Vijay Gill (Jul 28)
    - Re: SYN spoofing Wayne Bouchard (Jul 28)
    - Re: SYN spoofing Daniel Senie (Jul 28)
    - Re: SYN spoofing Forrest W. Christian (Jul 28)
    - Re: SYN spoofing Deepak Jain (Jul 28)
    - Re: SYN spoofing Dan Hollis (Jul 28)
    - Re: SYN spoofing batz (Jul 28)
    - Re: SYN spoofing Dan Hollis (Jul 28)
    - Re: SYN spoofing Jeremy Porter (Jul 28)
    - Re: SYN spoofing Dan Hollis (Jul 28)
    - Re: SYN spoofing Jeremy Porter (Jul 28)
    - Re: SYN spoofing Dan Hollis (Jul 28)
    - Re: SYN spoofing John Fraizer (Jul 30)

(Thread continues...)