Please reference: http://openresolverproject.org/ http://spoofer.csail.mit.edu/ http://blog.cloudflare.com/deep-inside-a-dns-amplification-ddos-attack ...and anything else to raise the awareness level. Thanks, - ferg (co-perpetrator of BCP38) :-) On Wed, Mar 27, 2013 at 9:48 AM, Alain Hebert <ahebert@pubnix.net> wrote:
bcp38.org coming soon =D
----- Alain Hebert ahebert@pubnix.net PubNIX Inc. 50 boul. St-Charles P.O. Box 26770 Beaconsfield, Quebec H9W 6G7 Tel: 514-990-5911 http://www.pubnix.net Fax: 514-990-9443
On 03/27/13 11:20, Jack Bates wrote:
Outside of needing more details and examples, BCP38 could use more advertising.
The best option, if they would accept it, is to have all RIRs mention BCP38 as well as require that mention of BCP38 be included in all IP justification requests to customers (so that those who receive netblocks from their ISPs are also aware of it).
For ARIN, at least, having it mentioned in the attestation process wouldn't be a bad idea. At least someone of management would be aware of it.
The only issue is see concerning the RIRs is that they may object to it being out of scope to their duties. However, informing people of something is not requiring implementation of something. On the other hand, we know that there are a great number of networks that don't participate with the community at large and may have no idea about BCP38 and why it is important.
Jack
-- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com