In message <barmar-3c4a47.20101026012...@mara100-84.onlink.net>, Barry Margolin writes: > In article <gllha9$2ot...@sf1.isc.org>, > "Tony Toews [MVP]" <tto...@telusplanet.net> wrote: > > > Gregory Hicks <ghi...@hicks-net.net> wrote: > > > > > > >> 2) What are they? > > > > > >They look like the DDoS being discussed on the NANOG list. > > > > > >Have you implemented BCP38? If not, why not... > > > > I have no idea what BCP38 is and how I can implement that. Would you be so > > > kind as > > to supply links relevant to Windows 2003 Server? > > BCP38 is not something you implement, it's something that has to be > implemented by the ISPs hosting the attacking systems. They have to > block forged source IPs from their customers.
BCP 38 is something everyone should implement. A site shouldn't allow packets to leave with bogus source addresses. That being said there is no real expectation that home users will be implementing BCP 38 so it falls back to the ISP's implement to catch the bad packets when they reach their network. > Since there are many ISPs out there that are too lazy, incompetent, or > just don't care, where probably never going to be rid of these kinds of > attacks. Agreed. You can however do your part by choosing ISP/IAP's that deploy BCP 38 over ones that don't. Add it to the selection criteria for a ISP/IAP. Ones that do are probably more clueful overall and you will have less problems in the end. Mark > -- > Barry Margolin, bar...@alum.mit.edu > Arlington, MA > *** PLEASE don't copy me on replies, I'll read them in the group *** > _______________________________________________ > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: mark_andr...@isc.org _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users