Mark Felder <[email protected]> 2014-09-16: > On Tue, Sep 16, 2014, at 08:20, Lowell Gilbert wrote: > > Spoofing traffic is pretty easy. The reason it isn't generally a problem > > is that knowing what to spoof is more difficult. [I assume that's what > > feld@ actually meant, but it's an important distinction.] > > How many AS are out there don't implement BCP38? Spoofing these days > without MITM should be considered hard, and TCP even harder, no? I'd > find it more believable that it's easier to hijack BGP than to target > someone and successfully spoof TCP.
FWIW, if that assumption about the BCP38 adoption rate were true, then we would see less reflected DoS attacks than we actually do these days. -- Daniel Roethlisberger http://daniel.roe.ch/ _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
