Re: SYN floods continue
Until this problem becomes gigantic enough that it affects large networks such as MCI, Sprint, UUNet, etc. I don't predict much will be done.
History is such a strange beast. I believe one of Sprint's engineers called for this type of filtering several years ago. AT&T's WorldNet advertises something called "source address assurance" on their network. ANS did some filtering at one point, but I was never very clear what exactly they were checking. I don't think you can blame the lack of action solely on the large networks. Raise your hands, how many little providers didn't have outbound filters/access-lists on their networks before you were attacked? How many didn't have inbound filters/access-lists on their customer networks? The Mobile IP folks complained this would prevent their work last time this came up. Since then firewalls have led to the increased use of tunnelling for Mobile IP, so this may not be as much of a concern now. This might be a nice addition to RtConfig. -- Sean Donelan, Data Research Associates, Inc, St. Louis, MO Affiliation given for identification not representation
participants (1)
-
Sean Donelan