This is as big a reason as any for providers to start filtering their _outgoing_ traffic so that only addresses which could have originated in your network can pass out of your network.
And if you don't do this, very soon your provider will yank your connection and sue *YOU* for damages if not fraud. Think about it... The company who gets allocated 192.0.2/8 pays Sprint for access to the net. You pay MCI for access for the net. One of your customers launches a SYN storm and your provider identifies a certain number of packets leaving your network with 192.0.2/8 addresses which are part of the attack. Sprint gets a court order to see those records after the attack is tracked down to your network. Sprint sues you and has the police lay fraud charges against you because your network was illegally impersonating a Sprint customers network and as a result, your packets transitted a route through Sprint's infrastructure that neither you nor MCI were supposed to use. Could it happen? If that's what it takes to prevent GIF at 11 then, yes it could happen. You see there is a fundamental law of the universe that as you approach GIF at 11 the fabric of the universe stretches and distorts in a chaotic fractal manner such that you can never actually reach the point where GIF at 11 occurs. Michael Dillon - ISP & Internet Consulting Memra Software Inc. - Fax: +1-604-546-3049 http://www.memra.com - E-mail: michael@memra.com