This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/ripe-list@ripe.net/
Proposal for a RIPE "IP Spoofing" Task Force
- Previous message (by thread): Proposal for a RIPE "IP Spoofing" Task Force
- Next message (by thread): RIR Comparative Policy Overview Update
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Jeroen Massar
jeroen at unfix.org
Thu Apr 6 19:31:36 CEST 2006
On Thu, 2006-04-06 at 16:25 +0200, Daniel Karrenberg wrote: > Dear colleagues, > > unfortunately DoS amplification attacks are still with us. [..] I think it is very good think to have such a working group. The biggest reason that I heared from various ISP's for not doing RPF/ingressfiltering etc. is that they claim their gear doesn't support it, or that it would overload their hardware too much, thus they don't want to enable it. Same reason why they don't filter out RFC1918 and other darkspace in many places. Still having even 80% of the places doing it takes care of those 80% places. The other nests can't be controlled anyway. Getting everybody to cooperate is probably not done. Maybe a good incentive would be that ISP's would not link to another network if that other network, but that brings in a lot of political issues too next too technical ones... Transit ISP's could of course in those cases filter out their downstream customers, which is what they should be doing IMHO... Maybe a "Secure Internet Working" TF is a better idea, then it can also raise awareness in the future of possible S-BGP/BGP-S solutions, anti-spam solutions, closing down relays, tracking ddos bots... oops too many potholes, better focus on one I guess ;) Greets, Jeroen -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 315 bytes Desc: This is a digitally signed message part URL: </ripe/mail/archives/ripe-list/attachments/20060406/1081bbb7/attachment.sig>
- Previous message (by thread): Proposal for a RIPE "IP Spoofing" Task Force
- Next message (by thread): RIR Comparative Policy Overview Update
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]