Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing
暂无分享,去创建一个
Recent occurrences of various Denial of Service (DoS) attacks which have employed forged source addresses have proven to be a troublesome issue for Internet Service Providers and the Internet community overall. This paper discusses a simple, effective, and straightforward method for using ingress traffic filtering to prohibit DoS attacks which use forged IP addresses to be propagated from 'behind' an Internet Service Provider's (ISP) aggregation point.
[1] Fred Baker,et al. Requirements for IP Version 4 Routers , 1995, RFC.
[2] Yakov Rekhter,et al. Address Allocation for Private Internets , 1994, RFC.
[3] Gabriel Montenegro. Reverse Tunneling for Mobile IP , 1998, RFC.
[4] Charles E. Perkins,et al. IP Mobility Support , 1996, RFC.