On 02/14/2014 06:54 AM, Giles Davis wrote: > Keith Mitchell wrote: >> But it's not just about NTP and DNS, pretty much any UDP-based service >> that can do amplification is in play, e.g SNMP, Chargen and I've even >> seen "QOTD" (UDP 17).
>> Universal BCP38 source address validation is needed more badly then ever :-( > I don't know what the 'end result' of this is going to be - but i'm sure > that even if the NTP / DNS amplifiers get cleaned up enough to fix that, > there's no shortage of other potential amplifiers out there anyway. If > BCP38 doesn't start to gain wider adoption, this is just going to keep > getting worse. For one perspective: http://queue.acm.org/detail.cfm?id=2578510 Keith