'Evil Bit' proposed for IP packets
A truly remarkable suggestion to help improve security on the internet
Firewalls [CBR03], packet filters, intrusion detection systems, and the like often have difficulty distinguishing between packets that have malicious intent and those that are merely unusual. The problem is that making such determinations is hard. To solve this problem, we define a security flag, known as the "evil" bit, in the IPv4 [RFC791] header. Benign packets have this bit set to 0; those that are used for an attack will have the bit set to 1.
Imported from a really old blog. Some links might be dead. Let me know if you find dead links.