Re: Filters for dialup ppp/slip/shell (fwd)

MegaZone (megazone@livingston.com)
Tue, 10 Dec 1996 17:54:58 -0800 (PST)

Once upon a time patrick@value.net shaped the electrons to say...
>I would disagree. *ALL* ISP's should include filters against source
>address spoofing, which makes it more difficult to perform denial of
>service attacks like the recent SYN attacks.

Agreed, this is a good neighborly thing to do.

However, I think the question was what to put on the dialin lines, and I
would see this done on the WAN port to the internet as that is a choke
point.

You could do both I suppose, but I wouldn't rely on just the dialin filters,
especially if you offer shell access since they don't work there.

-MZ

--
Livingston Enterprises - Chair, Department of Interstitial Affairs
Phone: 800-458-9966 510-426-0770 FAX: 510-426-8951 megazone@livingston.com
For support requests: support@livingston.com  <http://www.livingston.com/> 
Snail mail: 4464 Willow Road, Pleasanton, CA 94588