5 Aug
2003
5 Aug
'03
9:36 p.m.
On Wed, 6 Aug 2003, Paul Vixie wrote:
More and more there is less and less spoofing, its just not required and it causes more damage with less effort :( Why spoof when you have 1000 machines pumping 1 packet per second? (or 10)
leaving the spoofing option open for future generations of attacks, rather than having a witch-hunt and tracking down and upgrading every insecure edge, is just about the worst thing we could do. because when an attacker wants an extra edge, they'll add spoofing to their attack profile, and the core's immune system will be totally unprepared.
I don't believe I ever said that the edges shouldn't filter... did I?