On Wed, Feb 8, 2012 at 10:56 AM, George Bonser <gbonser@seven.com> wrote:
I'll put it another way. Any provider that does not police their customer traffic has no business whining about DoS problems.
Most of us prevent their customers from sending out spoofed traffic. 77% of all networks seem to think so. http://spoofer.csail.mit.edu/summary.php However the remaining networks allow spoofed traffic to egress their networks. When that traffic enters my network, I have no method whatsoever to differentiate it from any other traffic. I could ask my upstream where they see it coming from, which will be quite hard if they do not have pretty fancy systems. But if they receive it from a peer, I am as good as lost in trying to find the culprit. Bas