On 22/02/2014 09:07, Cb B wrote: > Summary IETF response: The problem i described is already solved by > bcp38, nothing to see here, carry on with UDP
udp is here to stay. Denying this is no more useful than trying to push the tide back with a teaspoon. It's worth bearing in mind that any open tcp service will send out several acks before giving up. In other words, any standard open tcp socket will provide a level of amplification worth using even if UDP were to be switched off tomorrow. Sure, not as good as the 230x amplification that ntp monlist will give, but it's still a problem. In the long term, it would be more useful to spent time and effort building automated tools to track down the sources of the spoofed packets than trying to deprecate UDP. Nick
