[dns-operations] SAC004 & BCP38 [was: DNS deluge forx.p.ctrc.cc]
geoincidents at nls.net
Thu Mar 2 13:05:44 UTC 2006
> [...Spoofing should be blocked / spoofing should not be blocked...]
> > I consider 'spoofing' the practice of forging your IP header to
> be someone
> > you are not. This is a bit different than using your IP space across
> > multiple providers, however I agree that in most instances it
> can be used to
> > describe both.
> If there's a both a 'legitimate' and malicious use of the same technique
> (or very similar techniques), then sorting between the good guys and the
> bad guys on our routers is going to be tough...
He's not saying there are both legitimate and malicious uses for spoofing,
he's saying one is spoofing the other is a misconfiguration and he's right.
More information about the dns-operations