AlbyVA wrote:
The big problem with BCP38 is that it really needs to be phased in from the ground up at the smallest of network levels and not the top down from the ISP level.
Then why not start doing that? For any ISP providing service to residential customers (all those millions and millions of cable and DSL connections) it is really peanuts to implement BCP38 on their access network. Same for all those low-budget hosters that provide virtual servers to customers paying $5 a month, and getting a single IP address or a small subnet from the ISP space, and no option of getting their own space routed. Peanuts for them to configure an access list in the access routers or close to the servers. When at least those measures were taken, the wide availability of unfiltered access to hackers (botnets, cheap hosting) would be reduced. Multihomed systems are hopefully administered and monitored a bit better, and less likely used as source of an attack. Rob _______________________________________________ pool mailing list [email protected] http://lists.ntp.org/listinfo/pool
