I think its time for the larger providers to start filtering packets coming from customers so that they only accept packets with the customer's network number on it.
This is VERY important as well. Better to limit the trouble to a local network.
I disagree. A better way to do this would be for providers to cooperate to track down the people who are doing it and make sure to flood the media with press releases when the culprits are arrested. If the cracker wannabe's realize that source-spoofed SYN attacks can still be quickly traced, they will stop doing it.
And the cooperation would do the net some good; maybe lead to more cooperation down the line.
Michael Dillon - ISP & Internet Consulting Memra Software Inc. - Fax: +1-604-546-3049 http://www.memra.com - E-mail: michael@memra.com
Avi