nanog mailing list archives

Re: BCP38 deployment [ was Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey ]

From: Valdis.Kletnieks () vt edu
Date: Mon, 26 Sep 2016 03:14:44 -0400

On Sun, 25 Sep 2016 21:19:31 -0700, Hugo Slabbert said:

Linux:
From /etc/sysctl.conf:

# Uncomment the next two lines to enable Spoof protection (reverse-path=20
# filter)
# Turn on Source Address Verification in all interfaces to
# prevent some spoofing attacks
net.ipv4.conf.default.rp_filter=1
net.ipv4.conf.all.rp_filter=1

Unfortunately, the net.ipv6 equivalents for those do not yet seem to be a
thing on Linux.


See net/ipv6/netfilter/ip6t_rpfilter.c

Also, note that a lot of net.ipv4.conf variables also apply to ipv6 (though
checking the source tree, this isn't one of them, unless it's via a  macro that
some quick grepping didn't find...)

Attachment: _bin
Description:

Current thread:

Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey, (continued)
- - - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Christopher Morrow (Sep 24)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Brett Watson (Sep 24)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Justin Paine via NANOG (Sep 24)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Jared Mauch (Sep 24)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Jay Farrell via NANOG (Sep 24)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Jay R. Ashworth (Sep 24)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Jay Farrell via NANOG (Sep 25)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Jay R. Ashworth (Sep 25)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Stephen Satchell (Sep 25)
    - BCP38 deployment [ was Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey ] Hugo Slabbert (Sep 25)
    - Re: BCP38 deployment [ was Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey ] Valdis . Kletnieks (Sep 26)
    - Re: BCP38 deployment [ was Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey ] Vincent Bernat (Sep 26)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Mark Milhollan (Sep 26)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Royce Williams (Sep 26)
    - Message not available
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey John Kristoff (Sep 26)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Ca By (Sep 25)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Mike Hammett (Sep 25)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Jay R. Ashworth (Sep 25)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Ca By (Sep 25)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey Mike Hammett (Sep 25)
    - Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey John Levine (Sep 25)

(Thread continues...)