You are here: Home > Participate > Join a Discussion > Mailman Archives

Re: [spoofing-tf] Source Address Validation Architecture (SAVA), BOF proposal @ IETF

On Thu, 14 Sep 2006, Rob Beverly wrote:
Again, not true. Look at the studies for the sources of DOS attacks.
Spoofed source addresses are not currently (nor have they been) the core
Sure, but again, consider the recent DNS amplifier attacks and
filter circumvention attacks (using spoofing to send UCE).
I'd be interested in seeing more references on the SPAM-spoofing.  I 
assume you refer to hijacking an address space (possibly a bogon, 
possibly in use), sending spam, and switching the prefix continously. 
This is quite different than 'traditional' spoofing because above also 
requires propagation of false routing information instead of simply 
sending bogus packets.
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings