Vulnerability Development mailing list archives
Automatic antispoofing rules on access servers.
From: Lincoln Yeoh <lyeoh () POP JARING MY>
Date: Tue, 19 Sep 2000 10:50:48 +0800
I believe antispoofing filters won't really use up much CPU. So probably one of the main reasons ISPs don't use them at their access servers is the administrative cost in maintaining the rules. However I recently noticed that Cisco has a feature which seems to make this simpler to do. http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121 t/121t2/rpf_plus.htm Do other major router/access server manufacturers have similar features? If such features were more widely used, smurfing and spoofing stuff would be a lot more difficult than it is now. Are there any problems which would discourage use by ISPs? Cheerio, Link.
Current thread:
- Cisco CDP attacks FX, Phenoelit (Sep 18)
- Automatic antispoofing rules on access servers. Lincoln Yeoh (Sep 19)
- Re: Automatic antispoofing rules on access servers. Ryan Permeh (Sep 19)
- Re: Automatic antispoofing rules on access servers. Lincoln Yeoh (Sep 20)
- Re: Automatic antispoofing rules on access servers. Ryan Permeh (Sep 20)
- Re: Automatic antispoofing rules on access servers. Ryan Permeh (Sep 19)
- Automatic antispoofing rules on access servers. Lincoln Yeoh (Sep 19)