julienCSOFT.NET

• Next message: CDI: "Re: sshd and pop/ftponly users incorrect configuration"
• Previous message: Marc Slemko: "Re: CGI.pm and the untrusted-URL problem"
• In reply to: Darren Reed: "Re: DDOS Attack Mitigation"
• Next in thread: Bennett Todd: "Re: DDOS Attack Mitigation"
• Next in thread: John Payne: "Re: DDOS Attack Mitigation"
• Next in thread: Darren Reed: "Re: DDOS Attack Mitigation"
• Reply: Julien Nadeau: "Re: DDOS Attack Mitigation"
• Reply: Bennett Todd: "Re: DDOS Attack Mitigation"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> You know if anyone was of a mind to find someone at fault over this,
> I'd start pointing the finger at ISP's who haven't been doing this
> due to "performance reasons". They've had the ability to do it for
> years and in doing so would seriously reduce the number and possibility
> of "spoofing" attacks.

Agreed, I myself work for an ISP which provides co-location services,
and at first most admins (with years of experience might i add), just
don't
cared much about what's going out. When I got them all to filter
outgoing
packets, traffic dropped.

A solution would be for kernels to provide an option to keep a local
IP lookup table which could be simply based on network interfaces; of
course, given an stable implementation, this option enabled by default
would take care of spoofing problems for admins who don't think much
about what they're sending out -- i mean, they're big part of the
problem.

• Next message: CDI: "Re: sshd and pop/ftponly users incorrect configuration"
• Previous message: Marc Slemko: "Re: CGI.pm and the untrusted-URL problem"
• In reply to: Darren Reed: "Re: DDOS Attack Mitigation"
• Next in thread: Bennett Todd: "Re: DDOS Attack Mitigation"
• Next in thread: John Payne: "Re: DDOS Attack Mitigation"
• Next in thread: Darren Reed: "Re: DDOS Attack Mitigation"
• Reply: Julien Nadeau: "Re: DDOS Attack Mitigation"
• Reply: Bennett Todd: "Re: DDOS Attack Mitigation"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]