RFC 2267
Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing, January 1998
- File formats:
- Status:
- INFORMATIONAL
- Obsoleted by:
- RFC 2827
- Authors:
- P. Ferguson
D. Senie - Stream:
- [Legacy]
Cite this RFC: TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC2267
Discuss this RFC: Send questions or comments to the mailing list iesg@ietf.org
Other actions: Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 2267
Abstract
This paper discusses a simple, effective, and straightforward method for using ingress traffic filtering to prohibit DoS attacks which use forged IP addresses to be propagated from 'behind' an Internet Service Provider's (ISP) aggregation point. This memo provides information for the Internet community. It does not specify an Internet standard of any kind.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.