Security Incidents mailing list archives
Re: ICMP/SYN Flood
From: Sebastian Jaenicke <tsa () jaenicke org>
Date: Thu, 22 May 2003 21:39:16 +0200
On Thu, May 22, 2003 at 07:47:21AM +0500, Muhammad Naseer Bhatti wrote: [..]
And the list goes oon .. The question I want to ask here, is the network/router poorly configured at my NOC which is allowing broadcasts/networks to pass through it? If so, how can I assist them to fix it? I am not a Cisco guru, so might need someone to give me some hints so that I can pass that to the poor NOC techs.
"no ip directed-broadcast" disallows packets targeted at broadcast addresses. Note this applies to destination, but not source IP address. This is the default setting in Cisco IOS 12.0 and later. - Sebastian -- Sebastian Jaenicke Disce aut discede! whois pgpkey-18AC0BE4 -h whois.ripe.net|perl -ne's-^certif: +--&&print'
Attachment:
_bin
Description:
Current thread:
- ICMP/SYN Flood Muhammad Naseer Bhatti (May 22)
- RE: ICMP/SYN Flood David Gillett (May 23)
- Re: ICMP/SYN Flood Sebastian Jaenicke (May 23)
- Re: ICMP/SYN Flood CTA (May 23)
- Re: ICMP/SYN Flood Dr J (May 23)
- <Possible follow-ups>
- Re: ICMP/SYN Flood Muhammad Naseer Bhatti (May 23)
- RE: ICMP/SYN Flood Whiteside, Larry [contractor] (May 23)