{"draft":"","doc_id":"RFC2827","title":" Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing ","authors":["P. Ferguson","D. Senie"],"format":["ASCII","HTML"],"page_count":"10","pub_status":"BEST CURRENT PRACTICE","status":"BEST CURRENT PRACTICE","source":"IETF - NON WORKING GROUP","abstract":" This paper discusses a simple, effective, and straightforward method for using ingress traffic filtering to prohibit DoS (Denial of Service) attacks which use forged IP addresses to be propagated from 'behind' an Internet Service Provider's (ISP) aggregation point.  This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.  ","pub_date":"April 2000","keywords":["ISP","Internet Service Provider","IP","Internet Protocol","DOS","Denial of Service"],"obsoletes":["RFC2267"],"obsoleted_by":[],"updates":[],"updated_by":["RFC3704"],"see_also":["BCP0038"],"doi":"10.17487\/RFC2827","errata_url":"https:\/\/www.rfc-editor.org\/errata\/rfc2827"}