On Fri, 13 Feb 1998 Havard.Eidnes@runit.sintef.no wrote:
Anyone have any idea where most of the attacks originate: dial-up ports or from folks more directly connected to the net? (I'd bet on a happy mix ;-)
A common theme seems to be cable modems -- I fear that some cable companies have more money than brains and provide their users with huge bandwidth and no IP spoof checking... It seems to me that the only way to stop IP spoofing is to implement a small amount of regulation (ugly word, I know). If MCI, Sprint, and all other larger players simply stated that one cannot connect to their network without a router audit of some kind, most of these problems would go away. If I were Joe ISP and I was told that my carrier is allowed to, at any time, audit my router config, and shut me down if I didn't have the rules set right, I would be pretty sure to make sure I got things right. Just a thought...