10 Oct
2004
10 Oct
'04
11:14 p.m.
the problem is that isp security folk doing actual measurement see very little spoofing. it's easy for the bad folk to get real bots. and tcp bad things are more popular and desirable, e.g. spam, ... and tcp does not work from spoofed addresses. isp security folk have limited resources. so why should they spend them where there is little perceived benefit when there are gaping holes elsewhere that need those resources? yes, it's a nice thing to do. but, in today's disasterous economy, so are 42 other things that won't get done. so it's growing slowly. when it solves critical problems, it'll grow more quickly. randy