nanog mailing list archives
Re: Internet SYN Flooding, spoofing attacks
From: Mark Prior <mrp () connect com au>
Date: Sat, 12 Feb 2000 23:18:54 +1030
We (at least cisco, anyways) already have a knob for this: [no] ip verify unicast reverse-path We call it Unicast RPF. And its well documented... NOT and available on all routers/interfaces... NOT If it was documented and available on things like PRIs then it would be a lot easier to deploy. Also some of the bugs that turn off CEF need to be addressed (or at least also cause "ip verify unicast reverse-path" to be turned off too). Mark.
Current thread:
- Re: Internet SYN Flooding, spoofing attacks Vijay Gill (Feb 11)
- <Possible follow-ups>
- Re: Internet SYN Flooding, spoofing attacks Paul Ferguson (Feb 11)
- Re: Internet SYN Flooding, spoofing attacks Vijay Gill (Feb 11)
- Message not available
- Re: Internet SYN Flooding, spoofing attacks Paul Ferguson (Feb 11)
- Re: Internet SYN Flooding, spoofing attacks Mark Prior (Feb 12)
- Re: Internet SYN Flooding, spoofing attacks Mark Prior (Feb 12)