alex@genesyslab.com said:
No, the key issue is _frauded src addresses_. All others can be remedied easily.
In my opinion the issue is allowing the clueful to scalably protect their networks against those of the clueless or fallible who do not and will not deploy RPF nor secure their servers any time near now. In the mean time, those who want to survive in the market place better put their clue to use and work out how to protect their networks without relying on the actions of others. This is roughly equivalent to saying "lock your door" when you leave your house, rather than complaining that "the *real* problem is actually thieves, and this is what we need to fix". In the words of Mr Bush, I want something for clueful people to be able to type after "conf t". Asking people who probably aren't on this mailing list and almost certainly don't understand the problem to fix *their* network does not cut the mustard. -- Alex Bligh VP Core Network, Concentric Network Corporation (formerly GX Networks, Xara Networks)