On Wed, 25 Oct 2006, Randy Bush wrote:
> > I don't want to detract from the heat of this
discussion, as
> > important as it is, but it (the discussion)
illustrates a point
> > that RIPE has recognized -- and is actively
perusing -- yet, ISPs
> > on this continent seem consistently to ignore: The
consistent
> > implementation of BCP 38.
>
> oh? you have knowledge that this botnet attack used
spoofed source
> addresses?
what's curious, to me atleat, is that folks equate 'botnet'
and 'spoofed
source attacks' more often than I'd think is reasonable.
I've not got
'hard numbers' but almost every time the attack is
determined to be
'botnet' it's not spoofed.
Odd... (not that I'm against bcp38, I just think the
distraction in
conversation from 'bcp38 is good' to 'we must stop bots' is
not helpful)
|