[c-nsp] URPF MAC check
Dobbins, Roland
rdobbins at arbor.net
Fri Nov 23 10:41:08 EST 2012
On Nov 23, 2012, at 9:29 PM, Tóth András wrote:
> DoS attacks? Most often come from a spoofed source IP,
Actually, this hasn't been true for a long time. Reflection/amplification attacks are by definition spoofed, but there're plenty which aren't.
> so why wouldn't they spoof the MAC as well (in case it's a DoS coming from a directly connected network)?
In an IX environment, the IX fabric operator would presumably enforce port security.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
Luck is the residue of opportunity and design.
-- John Milton
More information about the cisco-nsp
mailing list