[apnic-talk] NICs and Egress filtering?
Hi,
I look after Internet security for our company and have often wondered
....
Considering how important egress filtering of spoofed IP addresses in
preventing Distributed Denial Of Service attacks, I was wondering
whether APNIC and the other NICs have considered requiring IP address
holders to apply egress
filters on their boundary routers?
It seems to me the major NICs are about the only body that have the
where-with-all to enforce these filters. Once done, we would not only
eliminate DDOS attacks but also make DOS trackable, eliminate spam
spoofing and hacker techniques that use spoofing.
I guess the main problem would be how to test for it externally.
Anyone care to comment?
regards,
--
Phil Crooker ORIX Australia 61 8 8443 6844
UNIX SysAdmin pcrooker at orix dot com dot au 61 8 8443 6955 (fax)
* APNIC-TALK: General APNIC Discussion List *
* To unsubscribe: send "unsubscribe" to apnic-talk-request at apnic dot net *