On Sat, 21 Sep 1996, Matthew Kaufman wrote:
Source address filters do benefit the small ISP by making him less of a target for hackers looking for a staging point.
You think a hacker is going to break into your router to check out your IP filter lists first, before breaking into your Unix boxes to attempt an (unsuccessful) attack?
No, they break into your servers, run a source-spoofing test, then leave to find greener pastures. If they could break into the routers they would just modify the filters but it's harder to break into a router than a server. Michael Dillon - ISP & Internet Consulting Memra Software Inc. - Fax: +1-604-546-3049 http://www.memra.com - E-mail: michael@memra.com