Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

The paper by Peng et al about DoS/DDoS discusses ingress and egress filtering as

ID: 3571481 • Letter: T

Question

The paper by Peng et al about DoS/DDoS discusses ingress and egress filtering as a way to fight source address spoofing. They note the difficulties with knowing for certain if a source address is valid on a particular interface can make ingress filtering difficult. But it seems safe to assume that any border router will know which IP addresses are located inside its own AS. Therefore, it can safely and easily do two things: • Drop any packet actually originating within the AS, but having a source address outside the AS. This provides a simple form of egress filtering. • Assume that a packet originating the outside with a source address belonging to the AS is spoofed, and drop it at the gateway. This would apply to both packets arriving at the AS for internal delivery, and for transit through the AS. This policy then provides some simple ingress filtering, and some indirect egress filtering, since the transit packets would be dropped. Suppose every AS adopted such a policy How would this limit the ability of hackers to spoof source addresses? What cases would it block, and what would it still allow? Is it worth doing?

Explanation / Answer

It is worth doing.

Suppose every AS adopted such policy any source addresses should enter the network through router(gateway) which provides end to end connection and will store the source address in it's table than broadcasts the source address to deliver the packet.

Source address plus spoofing address requets at the server increases downtime of server and that will cause server to crush and reduces connectivity of valid source address clients so for them service cannot be provided.

To reduces this problems dropping the spoofing source address policy followed and allows only aunthenticated source addresses.If they hacked the network with valid source address their location registered in gateway can easily identify them to put behind bars.

Note: spoofing source address means source addresses have false location , all the souce IP address mapped with specific GPS locations.

Only when source addresses which have false GPS location will be blocked.

Related Questions

The pV diagram in the figure shows a heat engine operating on 0.850 mol of H2 (
Question #1988665
The pV diagram in the figure to the right shows a heat engine operating on 0.850
Question #1591369
The pV diagram in the figure to the right shows a heat engine operating on 0.850
Question #2225990
The pa follow For Problen DEMAND 221 247 228 233 240 152 163 155 167 158 PERIOD
Question #367286
The package bayesm includes the dataset Scotch Need help with R codes and visual
Question #3793343
The package of a particular brand of rubber band says that the bands can hold a
Question #3267795
The package of a particular brand of rubber band says that the bands can hold a
Question #3294419
The package of mass m=1 kg is pushed across the surface by a jet of compressed a
Question #2179662
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
The paper \"The Psychological Consequences of Money\"† describes several experim
Next
The paper dielectric in a paper-and-foil capacitor is 7.75×102 mm thick. Its die

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.