North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Interesting new spam technique - getting a lot more popular.
>>>>> "Mikael" == Mikael Abrahamsson <[email protected]> writes: > On Wed, 14 Jun 2006, Christopher L. Morrow wrote: >> is it really that hard to make your foudry/extreme/cisco l3 switch >> vlan and subnet??? Is this a education thing or a laziness thing? >> Is this perhaps covered in a 'bcp' (not even an official IETF >> thing, just a hosters bible sort of thing) ? Mikael> This problem is fixed by following the BCP regarding spoof Mikael> filtering, Only if you also filter _OUTGOING_ traffic, by port, to allow only the destination IPs that the customer equipment should be seeing. Filtering the ingress direction (customer equipment -> your network) does not help (until _everyone_ does it), since the spammer only needs to _receive_ traffic with the hijacked IP, not send it (that can be done from the other corner of the spammer's triangle route). -- Andrew, Supernews http://www.supernews.com