Security Incidents mailing list archives

Re: Ping flood? Whats the point?


From: filipg () CORONA EPS PITT EDU (Filip M. Gieszczykiewicz)
Date: Tue, 8 Feb 2000 20:45:19 -0500


On Tue, 8 Feb 2000, Kerry Baker wrote:
[snip]
The only way to stop this sort of attack taking place is to only allow
legitimate source addresses in packets leaving your networks.  Come on
people!  Let's all make an effort to stamp this out.

So, imagine my surprise that there are several loud advocates for not
having ANY output rules at the firewall. Either you trust all your users
or you take steps so that you don't get yourself in trouble in the end. I
have been streamlining the ruleset to eventually reject any output from
leaving our LAN that doesn't fit the bill.

So, do YOU filter output at your firewall? And if not, how ELSE can such
spoofs be prevented (if one assumes you have no access to equipment
upstream of your LAN)?

Cheers,
Filip G.

Filip "I'll buy a vowel" Gieszczykiewicz  |  http://www.repairfaq.org/
                                             (filipg () corona eps pitt edu)
I am the river itself and the leaf floating its currents.
I am steering. I am swept. I am.
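
An added example, not part of the original message or thread: a Python model of the output rule discussed above, which passes a packet leaving the LAN only if its source address falls inside a prefix assigned to that LAN, and counts rejected packets per inside interface so the host emitting them can be located. The prefixes (documentation ranges), interface names and log lines are constructed assumptions.

```python
import ipaddress
from collections import Counter

# Assumption: the prefixes legitimately assigned to this LAN (constructed).
LAN_PREFIXES = [ipaddress.ip_network(p)
                for p in ("192.0.2.0/24", "198.51.100.0/25")]

# Constructed sample records: inside_interface src dst proto
SAMPLE_LOG = """\
# iface src dst proto
eth1 192.0.2.10 203.0.113.5 icmp
eth1 10.9.8.7 203.0.113.5 icmp
eth2 198.51.100.20 203.0.113.80 tcp
eth1 203.0.113.77 203.0.113.5 icmp
eth2 198.51.100.200 203.0.113.9 udp
eth1 not-an-ip 203.0.113.5 icmp
"""

def egress_allowed(src, prefixes=LAN_PREFIXES):
    """True only if src parses as an address inside an assigned LAN prefix."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # malformed source: fail closed
    return any(addr in net for net in prefixes)

def audit_egress(log_text):
    """Apply the egress rule to each record.

    Returns (passed, dropped): the packets allowed out, and a Counter of
    rejected packets keyed by the inside interface they arrived on.
    """
    passed, dropped = [], Counter()
    for line in log_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        iface, src, dst, proto = line.split()
        if egress_allowed(src):
            passed.append((src, dst, proto))
        else:
            dropped[iface] += 1
    return passed, dropped

if __name__ == "__main__":
    ok, bad = audit_egress(SAMPLE_LOG)
    print("passed:", ok)
    print("dropped per interface:", dict(bad))
```

Note that 198.51.100.200 is rejected even though it resembles a local address: it lies outside the assigned /25, so the rule is only as tight as the prefix list it is given.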