[Pool] defending against DDoS attacks

Sanjeev Gupta ghane0 at gmail.com
Sat Feb 22 01:27:05 UTC 2014


On Fri, Feb 21, 2014 at 6:15 PM, Jim Reid <ntp-pool at rfc1035.net> wrote:

> Your ISP should be deploying source address filtering/validation at their
> edge routers. Though they probably don't: good luck getting them to change.


_Their_ ISP needs to do this, not yours.  Your ISP sees a valid destination
address (yours), and a valid source address (the Internet).  Spoofed
packets need to be checked while _leaving_ a network.

-- 
Sanjeev Gupta
+65 98551208     http://www.linkedin.com/in/ghane


More information about the pool mailing list