Re: [spoofing-tf] Source Address Validation Architecture (SAVA), BOF proposal @ IETF

To: Rob Beverly rbeverly@localhost
From: Pekka Savola pekkas@localhost
Date: Thu, 14 Sep 2006 17:13:37 +0300 (EEST)
Cc: "Barry Greene (bgreene)" bgreene@localhost, Jaap Akkerhuis jaap@localhost, spoofing-tf@localhost, sava@localhost

On Thu, 14 Sep 2006, Rob Beverly wrote:

Again, not true. Look at the studies for the sources of DOS attacks.
Spoofed source addresses are not currently (nor have they been) the core
contributor.


Sure, but again, consider the recent DNS amplifier attacks and
filter circumvention attacks (using spoofing to send UCE).

I'd be interested in seeing more references on the SPAM-spoofing. Iassume you refer to hijacking an address space (possibly a bogon,possibly in use), sending spam, and switching the prefix continously.This is quite different than 'traditional' spoofing because above alsorequires propagation of false routing information instead of simplysending bogus packets.


--
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings

Re: [spoofing-tf] Source Address Validation Architecture (SAVA), BOF proposal @ IETF
- From: Rob Beverly

RE: [spoofing-tf] Source Address Validation Architecture (SAVA), BOF proposal @ IETF
- From: Barry Greene \(bgreene\)
Re: [spoofing-tf] Source Address Validation Architecture (SAVA), BOF proposal @ IETF
- From: Rob Beverly

<<< Chronological >>>

Author Subject

<<< Threads >>>