Security problems in the TCP/IP protocol suite
ACM SIGCOMM Computer Communication Review
Firewalls and Internet Security: Repelling the Wily Hacker
Firewalls and Internet Security: Repelling the Wily Hacker
The spoofer project: inferring the extent of source address filtering on the internet
SRUTI'05 Proceedings of the Steps to Reducing Unwanted Traffic on the Internet on Steps to Reducing Unwanted Traffic on the Internet Workshop
| Hi-index | 0.00 |
Despite the fact that spoofing based attacks have severe consequences and are wide-spread, much of the present day Internet is ill-prepared to defend against them. To defend against spoofing effectively, devices at the edge of the Internet have a major role to play. This paper describes how one such set of devices, broadband access concentrators (BAC), can help in mitigating the IP spoofing attacks. With the growing use of dynamic assignment of IP addresses to subscribers (e.g., using DHCP), BACs are increasingly dependent on dynamically acquired information to do antispoofing, which presents the currently pressing problem of dealing with loss of this information (e.g., because of crashes). The existing solution to deal with this problem for DHCP is, after a deep analysis, found to be inefficient and ineffective. We propose an extension to the existing solution to make it efficient and effective.