Ken Leland put this into my mailbox:
sure thing Karl, but it's a virtual requirement that zillions of nets are ignoring, and getting 99.99 percent compliance will take serious time, if it is even doable. Without very high compliance the smurfkids will have readily available, low-bandwidth launch points that are the devil to trace. We need interim solutions, and icmp-echo-reply filtering is what we've got, *if* the backbones will continue to provide it.
I suspect the problem is that most nets were set up by consultants, and the people working at these companies/schools/whatever were instructed 'not to touch the internet box'. The consultant, then, is either no longer employed by the site or doesn't know about this (your average Novell CNE probably doesn't subscribe to NANOG).

Perhaps if there were some sort of incentive; Ms. Hubbard and the InterNIC could make even more money by imposing some sort of penalty for noncompliance. They could even charge money for sites that don't read (or have) postmaster@ e-mail, and perhaps charge penalties for domains with out-of-date contact information, and make even more money. (Sorry; I've got an enormous flame about ARIN bottled up just looking for a venue; I promise I won't send it to NANOG.)

Seriously, though, if nobody comes up with an incentive so that it will be harmful for sites NOT to implement these filters, folks can piss into the wind all they like, and absolutely nothing will happen. Spoofing has been a real problem for over a year now, and has shown no signs of going away.

-dalvenjah

--
Dalvenjah FoxFire (aka Sven Nielsen)    I bet living in a nudist colony takes
Founder, the DALnet IRC Network         all the fun out of Halloween.

e-mail: dalvenjah@dal.net    WWW: http://www.dal.net/~dalvenjah/
whois: SN90                  Try DALnet! http://www.dal.net/