-----BEGIN PGP SIGNED MESSAGE----- On Thu, 27 Sep 2001, Greg A. Woods wrote: > > I think there is a mid-ground wherein all ISPs are responsible > > for both ingress and egress filtering of all traffic on their > > network to ensure it is valid traffic (e.g.., making sure that > > customer A cannot inject traffic into the network with a source > > IP that doesn't belong to them...nearly eliminating spoofing) > > but stopping short of scanning payloads of packets. > > Come on! Get real! > Any properly formed IP packet is valid traffic! With all due respect, you are so horribly misinformed that it's not even funny. The original author is quite correct that ISPs are indeed responsible for ingress and egress filtering in order to diminish the likelihood of spoofed packets. This isn't rocket science. Anyone claiming that ISPs shouldn't be taking such steps is either ignorant, misguided, or just plain opposed to common-sense security practices. In any case, such people definitely shouldn't be in charge of any netblock. They're a hazard to themselves and the 'net overall. - -Jay ( ( _______ )) )) .-"There's always time for a good cup of coffee."-. >====<--. C|~~|C|~~| (>------ Jay D. Dyson - jdysonat_private ------<) | = |-' `--' `--' `--------------- rm -rf /bin/laden ---------------' `------' -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: See http://www.treachery.net/~jdyson/ for current keys. iQCVAwUBO7OvxrlDRyqRQ2a9AQE1ZAP/cK1D4C0KKXQR8/PSetzVNcuqutr0VovI 5XSKp67+qzXkZZ+fVir52qRrVtT97t1GXm9lAev3lpxBVDr4FSSaU/PnpOga0Mlc cnSzKL50gNpTJskE19mSLvW4Wq/EfZj6M62YvY/OwIhAKPu22sLtEJN9IVs/BzMm KNh5hXIcO7c= =9Evg -----END PGP SIGNATURE----- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Thu Sep 27 2001 - 17:18:33 PDT