[e2e] DDoS attack vs. Spoofing of Source Address
John Kristoff
jtk at northwestern.edu
Thu Jan 19 17:31:29 PST 2006
On Thu, 19 Jan 2006 16:43:23 -0800
Fred Baker <fred at cisco.com> wrote:
> Your first point is valid, but yet we see spoofing in the network -
> less than a while back, but still a lot. Ingress Filtering has value
> in limiting spoofing, and while yes it helps the customers of other
> networks, it also helps the customers of my network, which I will
> argue is my incentive to deploy it. In limiting spoofing, I partially
> mitigate certain classes of attacks as close to their source as I can
> put it.
Darn it, I knew someone was going to say something like that as if
I think limiting spoofing in general is a waste of time. That is
not the message I intended to convey. Limiting is good and it does
help. I'm a supporter of it and I do it rigorously in networks I
help run (and let me tell you how much of a pain it is to manage for
multicast service some time). However, it is not going to make most
of the DoS attacks seen today go away one bit.
John
More information about the end2end-interest
mailing list