论文信息 - Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing

Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing

Recent occurrences of various Denial of Service (DoS) attacks which have employed forged source addresses have proven to be a troublesome issue for Internet Service Providers and the Internet community overall. This paper discusses a simple, effective, and straightforward method for using ingress traffic filtering to prohibit DoS attacks which use forged IP addresses to be propagated from 'behind' an Internet Service Provider's (ISP) aggregation point.

Paul Ferguson | Daniel Senie | P. Ferguson | D. Senie | Paul Ferguson

[1] Fred Baker,et al. Requirements for IP Version 4 Routers , 1995, RFC.

[2] Yakov Rekhter,et al. Address Allocation for Private Internets , 1994, RFC.

[3] Gabriel Montenegro. Reverse Tunneling for Mobile IP , 1998, RFC.

[4] Charles E. Perkins,et al. IP Mobility Support , 1996, RFC.