Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing, January 1998
- File formats:
- Obsoleted by:
- RFC 2827
- P. Ferguson
Discuss this RFC: Send questions or comments to the mailing list [email protected]
This paper discusses a simple, effective, and straightforward method for using ingress traffic filtering to prohibit DoS attacks which use forged IP addresses to be propagated from 'behind' an Internet Service Provider's (ISP) aggregation point. This memo provides information for the Internet community. It does not specify an Internet standard of any kind.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.