Blocking spoofed source addresses is a IETF Best Current Practice : http://www.faqs.org/rfcs/rfc2827.html > -----Original Message----- > From: Jay D. Dyson [mailto:jdysonat_private] > Sent: Friday, 28 September 2001 10:01 > To: Incidents List > Subject: RE: Nimda et.al. versus ISP responsibility > > > -----BEGIN PGP SIGNED MESSAGE----- > > On Thu, 27 Sep 2001, Greg A. Woods wrote: > > > > I think there is a mid-ground wherein all ISPs are responsible > > > for both ingress and egress filtering of all traffic on their > > > network to ensure it is valid traffic (e.g.., making sure that > > > customer A cannot inject traffic into the network with a source > > > IP that doesn't belong to them...nearly eliminating spoofing) > > > but stopping short of scanning payloads of packets. > > > > Come on! Get real! > > Any properly formed IP packet is valid traffic! > > With all due respect, you are so horribly misinformed that it's > not even funny. The original author is quite correct that > ISPs are indeed > responsible for ingress and egress filtering in order to diminish the > likelihood of spoofed packets. > > This isn't rocket science. Anyone claiming that ISPs > shouldn't be > taking such steps is either ignorant, misguided, or just > plain opposed to > common-sense security practices. In any case, such people definitely > shouldn't be in charge of any netblock. They're a hazard to > themselves > and the 'net overall. > > - -Jay > > ( ( > _______ > )) )) .-"There's always time for a good cup of > coffee."-. >====<--. > C|~~|C|~~| (>------ Jay D. Dyson - jdysonat_private > ------<) | = |-' > `--' `--' `--------------- rm -rf /bin/laden > ---------------' `------' > > -----BEGIN PGP SIGNATURE----- > Version: 2.6.2 > Comment: See http://www.treachery.net/~jdyson/ for current keys. > > iQCVAwUBO7OvxrlDRyqRQ2a9AQE1ZAP/cK1D4C0KKXQR8/PSetzVNcuqutr0VovI > 5XSKp67+qzXkZZ+fVir52qRrVtT97t1GXm9lAev3lpxBVDr4FSSaU/PnpOga0Mlc > cnSzKL50gNpTJskE19mSLvW4Wq/EfZj6M62YvY/OwIhAKPu22sLtEJN9IVs/BzMm > KNh5hXIcO7c= > =9Evg > -----END PGP SIGNATURE----- > > > -------------------------------------------------------------- > -------------- > This list is provided by the SecurityFocus ARIS analyzer service. > For more information on this free incident handling, management > and tracking system please see: http://aris.securityfocus.com > ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Sep 28 2001 - 04:15:34 PDT