Re: Is malicious asymmetrical routing still a thing?

2023-03-12 Thread Mark Tinka
On 3/9/23 22:27, Aaron1 wrote: Sounds like something uRPF would prevent Does anyone do uRPF ? lol On routers where we carry a full table, we do. Mark.

Re: Is malicious asymmetrical routing still a thing?

2023-03-09 Thread William Herrin
On Thu, Mar 9, 2023 at 5:12 PM William Herrin wrote: > It's trivial to turn a $5 VPS into a disposable VPN head-end that can > spray TCP SYN packets at a modest rate, and once the packet is on the > backbone somewhere in the world not only can't you do anything about > it, it's just on the near

Re: Is malicious asymmetrical routing still a thing?

2023-03-09 Thread William Herrin
On Thu, Mar 9, 2023 at 4:05 PM Grant Taylor via NANOG wrote: > On 3/9/23 2:19 PM, Christopher Munz-Michielin wrote: > > Not this exact scenario, but what we see a lot of in my VPS company is > > people sending spam by using our VPS' source addresses, but routing > > outbound via some kind of

Re: Is malicious asymmetrical routing still a thing?

2023-03-09 Thread Grant Taylor via NANOG
On 3/9/23 2:19 PM, Christopher Munz-Michielin wrote: Not this exact scenario, but what we see a lot of in my VPS company is people sending spam by using our VPS' source addresses, but routing outbound via some kind of tunnel to a VPN provider or similar in order to bypass our port 25 blocks.

Re: Is malicious asymmetrical routing still a thing?

2023-03-09 Thread Grant Taylor via NANOG
On 3/9/23 1:39 PM, William Herrin wrote: I would hope folks are implementing uRPF on commodity broadband connections. That's one place it works great. I would hope so too. I also would hope that uRPF was enabled by default on SOHO routers. And yet ... I'm routinely disappointed. CAIDA has a

Re: Is malicious asymmetrical routing still a thing?

2023-03-09 Thread Jon Lewis
On Thu, 9 Mar 2023, William Herrin wrote: On Thu, Mar 9, 2023 at 12:27 PM Aaron1 wrote: Sounds like something uRPF would prevent Does anyone do uRPF ? lol I would hope folks are implementing uRPF on commodity broadband connections. That's one place it works great. My home wifi AP

Re: Is malicious asymmetrical routing still a thing?

2023-03-09 Thread Christopher Morrow
On Thu, Mar 9, 2023 at 4:19 PM Christopher Munz-Michielin wrote: > > Not this exact scenario, but what we see a lot of in my VPS company is > people sending spam by using our VPS' source addresses, but routing > outbound via some kind of tunnel to a VPN provider or similar in order > to bypass

Re: Is malicious asymmetrical routing still a thing?

2023-03-09 Thread Christopher Munz-Michielin
Not this exact scenario, but what we see a lot of in my VPS company is people sending spam by using our VPS' source addresses, but routing outbound via some kind of tunnel to a VPN provider or similar in order to bypass our port 25 blocks. We've had to start blocking source port 25 to catch

Re: Is malicious asymmetrical routing still a thing?

2023-03-09 Thread William Herrin
On Thu, Mar 9, 2023 at 12:27 PM Aaron1 wrote: > Sounds like something uRPF would prevent > > Does anyone do uRPF ? lol I would hope folks are implementing uRPF on commodity broadband connections. That's one place it works great. Regards, Bill Herrin -- For hire.

Re: Is malicious asymmetrical routing still a thing?

2023-03-09 Thread Aaron1
Sounds like something uRPF would prevent Does anyone do uRPF ? lol Aaron > On Mar 9, 2023, at 2:03 PM, John Levine wrote: > > Back in the olden days, a spammer would set up a server with a fast > broadband connection and a dialup connection, and send out lots of > spam over the broadband

Is malicious asymmetrical routing still a thing?

2023-03-09 Thread John Levine
Back in the olden days, a spammer would set up a server with a fast broadband connection and a dialup connection, and send out lots of spam over the broadband connection using the dialup's IP address. Since mail traffic is quite asymmetric, this got them most of the broadband speed, and when the