TCP vulnerability: cancel red alert
Posted Apr 22, 2004 18:28 UTC (Thu) by jbh
In reply to: TCP vulnerability: cancel red alert
Parent article: TCP vulnerability: cancel red alert
All true. Anti-spoof-filtering must be done at the edge. Very few ISPs currently do this, because there is no pressure for them to do so. There is no advantage in doing it. But if everybody did, everybody would be better off. Prisoner's dilemma. Needs "outside" pressure to get to best solution.
Regarding DoS though, while a DoS doesn't require spoofed source addresses, it does make it much much harder to stop.
to post comments)