About RIPE | Contact  | Search | Sitemap    
Homepage RIPE  
RIPE Community Mail Archives
search  
     
Next Sectionyou are here: RIPE -> RIPE Maillists > Archives
RIPE Navigation Ends
About RIPE Maillists
Maillists Archive
Global Lists
Non Active Lists
RIPE NCC Navigation Ends
Next Section
<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: [spoofing-tf] Source Address Validation Architecture (SAVA), BOF proposal @ IETF

  • To: "Barry Greene (bgreene)" bgreene@localhost
  • From: Rob Beverly rbeverly@localhost
  • Date: Thu, 14 Sep 2006 11:22:26 -0400
  • Cc: Jaap Akkerhuis jaap@localhost, spoofing-tf@localhost, sava@localhost
On Thu, Sep 14, 2006 at 08:13:43AM -0700, Barry Greene (bgreene) wrote:
> RTFM BCP 38. Please point out the phase where it says BCP 38 checks are
> done in the core of a network.
> 
> Honestly I find this convoluted excuse for not using uRPF Strict mode as
> a tool for BCP 38 really lame. Read the doc and understand how it work. 

Barry, 

Thanks - I've RTFM'd.  I'm neither trying to present a convoluted
excuse nor say that BCP 38 isn't highly useful.  Rather, our
project attempts to measure the penetration of such techniques.
I mainly take objection to the statements that spoofing is not
useful to any parties viz-a-viz the DNS amplifier attacks and
UCE filter circumvention.  Perhaps you have detailed statistics
on the distribution of edge devices and their support of various
modes of uRPF?  This is the kind of data that would also be
interesting in understanding adoption issues.

Regards,

rob
Post To The List:

Message References

<<< Chronological >>> Author    Subject <<< Threads >>>
 

Next Section
     About RIPE | Site Map | LIR Portal | About the RIPE NCC | Contact | Copyright Statement
RIPE.NET Homepage LIR Portal RIPE Community