New Denial of Service Attack on Panix

Good Morning,

Please excuse me if this simple suggestion was mentioned in
the thread (the traffic was so heavy I did not read so many),
but I woke up this morning thinking simply:

If all ISPs would configure final end user routers (not transit
carriers or intermediate systems, but only the router that
actually services end users) to drop all packets originating
in the direction of the end user where the source IP address
does not match the IP address of the customer on a per port
basis (or some variation of this plot and theme) then
it would become trival to trace these denial-of-service

Again, I apologize if this simple technique was mentioned
during the heavy traffic on the subject and I missed it,
but this approach seems so simple, that it must of been
mentioned, but I missed it.

For this simple technique, I agree that a BCP is appropriate,
so all IP service providers can 'sing off the same sheet of
music' and cooperate together to stop bogus packets originating
inside of their 'sphere of influence'.

Of course, getting all providers in the world to cooperate sounds
like an impossible task, so in that case, all level 0, 1, etc.
transit networks must have a policy that all downstream
(or is it upstream, I'm still asleep) do this filtering
as part of the service agreement.

Unless my groggy mind from a deep sleep is missing some marbles,
this general technique and administrative policy would go a
very long way toward stopping the random() attack and provide
for a much easier way to trace attackers.

Yawn. Back to sleep......

All The Best,