17 Feb
1998
17 Feb
'98
5:39 p.m.
See RFC2267.
- paul
Good news.
One more question (just is there is someone from the CISCO) - what's about source-address filtering at default for the access servers/routers? Note all this problems (SMURF, DENIAL-ATTACK, DNS-FRAUDING, etc etc) can be 100% blocked if ISP would not allow it's customers to send IP packets with the wrong SRC address. If not, they (hackers) should found new, new and new tricks to fraud any IP network.
You can apply the RPF idiom from multicast to block unicast flooding. This would instantly solve the problem, though I am not sure what overhead the path evaluation would incur. BR brad@iagnet.net