On 02/14/2014 06:54 AM, Giles Davis wrote:
> Keith Mitchell wrote:
>> But it's not just about NTP and DNS, pretty much any UDP-based service
>> that can do amplification is in play, e.g SNMP, Chargen and I've even
>> seen "QOTD" (UDP 17).
>> Universal BCP38 source address validation is needed more badly then ever :-(
> I don't know what the 'end result' of this is going to be - but i'm sure
> that even if the NTP / DNS amplifiers get cleaned up enough to fix that,
> there's no shortage of other potential amplifiers out there anyway. If
> BCP38 doesn't start to gain wider adoption, this is just going to keep
> getting worse.
For one perspective:
http://queue.acm.org/detail.cfm?id=2578510
Keith
