Re: Router modifications to deal with smurf

From: Jay R. Ashworth (no email)
Date: Mon Apr 27 1998 - 18:17:44 EDT

On Sun, Apr 26, 1998 at 05:59:42PM -0400, John Hawkinson wrote:
> > We request that your routers be configurable, both globally and
> > and the interface level, with the interface configuration overiding the
> > global configuration, to prevent the forwarding of an IP packet with a
> > source network address different from the network address of the interface
> > on which it was received. We also request that the default configurations
> > of your routers be modified to prevent, globally, said forwarding.
> I'd be concerned that having this as a default is not necessarily
> the right thing in sufficiently large numbers of situations as to
> make this a bad idea.

I know we've collectively been here before, but is it not a reasonable
assumption that people whose routing patterns might be assymetrical enough
to break this as a default should be expected to be bright enough to switch
it off?

-- jra

Jay R. Ashworth                                                
Member of the Technical Staff             Unsolicited Commercial Emailers Sued
The Suncoast Freenet      "Two words: Darth Doogie."  -- Jason Colby,
Tampa Bay, Florida             on             +1 813 790 7592
Managing Editor, Top Of The Key sports e-zine ------------

Hosted Email Solutions

Invaluement Anti-Spam DNSBLs

Powered By FreeBSD   Powered By FreeBSD