Security Incidents mailing list archives
Re: Ping flood? Whats the point?
From: r.fulton () AUCKLAND AC NZ (Russell Fulton)
Date: Thu, 10 Feb 2000 12:14:31 +1300
On Wed, 9 Feb 2000 16:41:42 +1300 Kerry Baker <k.baker () cantva canterbury ac nz> wrote:
-----Original Message----- From: Filip M. Gieszczykiewicz [mailto:filipg () corona eps pitt edu] Sent: Wednesday, 9 February 2000 14:45 To: Kerry Baker Cc: INCIDENTS () SECURITYFOCUS COM Subject: Re: Ping flood? Whats the point?So, do YOU filter output at your firewall? And if not, how ELSE can such spoofs be prevented (if one assumes you have no access to equipment upstream of your LAN)Yes we do. Only valid source IP addresses from within our network are allowed out and we don't allow packets with source addresses that are ours in. We also block the IANA private network addresses from entering our network too. Those things seem to leak out all over the Internet. I doubt our upstream provider does the same due to the large number of networks under their wing, but they could if they wanted to and it would provide another layer of protection against spoofing.
Most modern routers allow both ingress and outgress filtering so even if you don't have a full firewall (like us) or a traditional DMZ (which we do) you should filter such traffic on your boundary router. We have done this for over ten years, ever since we have been connected to the net and like Kerry I am surprised that this isn't standard practice. Russell.
Current thread:
- Re: Ping flood? Whats the point?, (continued)
- Re: Ping flood? Whats the point? Ryan Sweat (Feb 02)
- Re: Ping flood? Whats the point? Don (Feb 02)
- tracing spoofing (Was Re: Ping flood? Whats the point?) Dragos Ruiu (Feb 03)
- Re: Ping flood? Whats the point? Andy David (Feb 03)
- Re: Ping flood? Whats the point? Bill Pennington (Feb 05)
- Re: Ping flood? Whats the point? Russell Fulton (Feb 06)
- Re: Ping flood? Whats the point? Chuck Phillips (Feb 05)
- Re: Ping flood? Whats the point? Kerry Baker (Feb 07)
- Re: Ping flood? Whats the point? Filip M. Gieszczykiewicz (Feb 08)
- Re: Ping flood? Whats the point? Kerry Baker (Feb 08)
- Re: Ping flood? Whats the point? Russell Fulton (Feb 09)
- Re: Ping flood? Whats the point? Thomas Vincent (Feb 09)
- Re: Ping flood? Whats the point? Filip M. Gieszczykiewicz (Feb 09)
- Re: Ping flood? Whats the point? Kerry Baker (Feb 07)