[PLUG] Probes from non-existent domains

Mike Witt mike at computer-arts.net
Wed Apr 17 19:31:23 UTC 2002


Paul Heinlein wrote:

> It seems to me a lot of this nonsense would go away if ISPs enforced
> some router discipline for their dial-up and DSL customers. The ISPs
> could merely refuse to forward packets that don't have a host address
> matching their dial-up/DSL subnet(s). If that were the default policy
> (with exceptions made when a customer can convince the ISP that
> outbound spoofing is legitimate), lots of 'false hosts' would
> disappear from /var/log/*.
> 
> Of course, I might not understand all the issues an ISP faces in this
> regard. I'd be interested to hear from someone who's had to deal with
> this.

I managed the engineering group at Verio Oregon for about 3 years
and I don't believe there is any reason that ISPs couldn't enforce
this (and many do.) Of course, someone could always present 
counter arguments.

-Mike

-- 
Mike Witt 
Computer Arts, West Linn Oregon, USA
http://www.computer-arts.net/~mike



More information about the PLUG mailing list