I was invited to present at the recent IX Leeds open meeting, as “someone neutral” on the topic of BCP38 – largely in relation to the effects from not deploying it, not just on the wider Internet, but on your IP networking business (if you have one), and on the networks you interconnect with.
I basically broke the topic down:
What and how: Quick overview of address spoofing and how a backscatter amplification attack works.
Why you should care: Yes, it benefits others, but you have costs in terms of bandwidth and abuse/security response too.
The bleeding edge: IETF SAVI working group.
It wasn’t meant to be a technical how-to, but a non-partisan awareness raiser, as the IX Leeds meeting audiences aren’t full of “usual suspects” but people who are less likely to have been exposed to this.
It’s important to get people doing source address filtering and validation, both themselves, and asking their suppliers for it where it’s appropriate.
Here’s the slide deck (.pdf) if you’re interested.