MoinQ:

Contents

  1. history
Spoofed DDoS Attacks and BCP 38 https://www.malwarepatrol.net/spoofed-ddos-attacks-and-bcp-38/

All providers of Internet connectivity, operating or not an AS (Autonomous Systems),
are highly urged to implement ingress filtering mechanisms 
according to BCP 38 and RFC 3704 to prohibit attackers from using forged source addresses.

1. history

Unfortunately, this is not implemented in many networks yet.
Best practices are known for a long time, 
the first published RFC on this subject was 2267 in 1998, 
followed by 2827 (BCP 38) in 2000 and 3704 (BCP 84) in 2004.

RFC 2267 – Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing http://tools.ietf.org/html/rfc2267.html

RFC 2827 / BCP 38 – Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing http://tools.ietf.org/html/rfc2827.html

RFC 3704 / BCP 84 – Ingress Filtering for Multihomed Networkshttp://tools.ietf.org/html/rfc3704.html


CategoryDns CategoryWatch CategoryTemplate

MoinQ: DDoS/spoofed (last edited 2023-11-26 00:09:38 by ToshinoriMaeno)