6 Mar
2004
6 Mar
'04
10:04 p.m.
On Sun, 7 Mar 2004, Paul Vixie wrote:
don't be lulled into some kind of false sense of security by the fact that YOU are not seeing spoofed packets TODAY. let's close the doors we CAN close, and give attackers fewer options.
I don't have a false sense of security. We have lots of open doors and windows and even missing walls. Let's close the doors we can close, but buying screen doors for igloos may not be the best use of resources. uRPF doesn't actually prevent any attacks. Would you rather ISPs spend money to 1. Deploying S-BGP? 2. Deploying uRPF? 3. Respond to incident reports?