On Feb 3, 2014 10:23 AM, "Paul Ferguson" <fergdawgs...@mykolab.com> wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > On 2/2/2014 2:17 PM, Cb B wrote: > > > And, i agree bcp38 would help but that was published 14 years ago. > > But what? Are you somehow implying that because BCP38 was > "...published 14 years ago" (RFC2267 was initially published in 1998, > and it was subsequently replaced by RFC2827)? > > I hope not, because BCP38 filtering would still help stop spoofed > traffic now perpetuating these attacks, 14 years after BCP38 was > published, because spoofing is at the root of this problem > (reflection/amplification attacks). > > This horse is not dead, and still deserves a lot of kicking. > > $.02, > > - - ferg (co-author of BCP38) >
I completely agree. My sphere of influence is bcp38 compliant. And, networks that fail to support some form of bcp38 are nothing short of negligent. That said, i spend too much time taking defensive action against ipv4 amp udp attacks. And wishing others would deploy bcp38 does not solve today's ddos attacks. CB > > - -- > Paul Ferguson > VP Threat Intelligence, IID > PGP Public Key ID: 0x54DC85B2 > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.22 (MingW32) > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iF4EAREIAAYFAlLv3ocACgkQKJasdVTchbLhowEAuO9DSQiRswVeqpHSccHo060h > cqmIB8XlaNkzEPQw1w0A/0G6cjvtWBiJfwWbWoTY7X3RRMHeN36RkYR+2TonyNBi > =W2wU > -----END PGP SIGNATURE-----