The can turn it at the first layer 3 gateway though! Suspect though cheap switches with low features!
Sent from my iPhone On 1 Feb 2013, at 08:47, "Ray Bellis" <[email protected]> wrote: > > On 31 Jan 2013, at 18:37, Robert McKay <[email protected]> wrote: > >> Having said that, I think a lot of these kinds of attacks actually originate >> from complicit rogue malware ISPs that have deliberately setup servers such >> that they're able to spoof.. whether they have 'hacker clients' or 'hacked >> clients' or 'fake clients that (oops!) got hacked' or they're actually just >> doing it themselves is kindof beside the point. BCP-38 isn't going to help >> when people just turn it off. > > Every attack I've observed recently has had too short an interval between > packets (i.e. a few microseconds) for them to have come from a broadband > end-user. > > The sources all appear to have been dedicated servers in well connected co-lo > sites. > > I suspect most dedi-server operators don't (or can't) apply uRPF on customer > facing switch ports :( > > Ray > > >
