Re: SMURF amplifier block list

From: Randy Bush (no email)
Date: Mon Apr 13 1998 - 21:00:00 EDT


i suspect that they're discussing blocking inbound packets from faked
sources of smurf attacks. in this case, protection from outbound routing
info is too late. once the smurf packets gets in your local net, you've
been smurfed.

of course, the idea of blocking smurf spoof sites is pretty specious. how
many folk will go through the effort and burden on the routers to put an
access list in the packet path and yet not be clueful enough to just say
'no ip directed-broadcast' on the same damn edge router insead?

wait a sec. on second thought, don't answer that question.

randy








Hosted Email Solutions

Invaluement Anti-Spam DNSBLs



Powered By FreeBSD   Powered By FreeBSD