Blocking spoofing at the source (was: ICMP Attacks??)

Robert Sanders <> writes:

I plan to deploy anti-spoofing filters throughout our access network
before the end of September. Is anybody else running or planning to
implement similar filters?

We've been doing this (also with USR total control hardware) since we
first started handling large scale dialup IP a bit over a year ago.

Before USR had the dynamic filters, we just preloaded per-customer
filters into each box and referenced it with a normal filter id.
While we couldn't make the filters specific to the user, they did
restrict traffic to the source address block from which all dynamic
addresses were assigned, so even if they spoofed, it would still track
back to a block that ANS was identified with, and we could work
backwards through our call records to try to track it down.

-- David

\ David Bolen \ Internet: /
  > ANS Communications, Inc. \ Phone: (914) 789-5327 |
/ 100 Clearbrook Road, Elmsford, NY 10523 \ Fax: (914) 789-5310 \