nanog mailing list archives
Re: [nsp] known networks for broadcast ping attacks
From: Martin Cooper <mjc () xara net>
Date: Tue, 12 Aug 1997 17:14:44 +0100
Charles Sprickman <spork () inch com> wrote:
On Tue, 12 Aug 1997, Jon Lewis wrote:This may be true, but what's to stop the writers of smurf and the other programs from distributing version 2 with all new network addresses? Fixing the 119 networks used to attack FDT will help, but I doubt it will solve the problem.When I type "no ip source route" on a Cisco, what exactly is that doing for me? Is it just disallowing the router itself to generate source-routed packets or is it saying sink all source-routed packets? All this talk of spoofing is getting me a bit confused. What exactly is the difference between source-routing and spoofing? Just trying to understand a bit more, Charles
It prevents the Cisco from handling packets with source routing header options set, whether locally generated, or switched. It doesn't prevent the router generating or switching packets with invalid source addresses e.g. packets with source addresses from inside the network entering the router via an external interface - you need to apply access lists to the appropriate interfaces (in the appropriate directions) to prevent this. M.
Current thread:
- Re: [nsp] known networks for broadcast ping attacks Joe Provo - Network Architect (Aug 02)
- <Possible follow-ups>
- Re: [nsp] known networks for broadcast ping attacks Rick Watson (Aug 11)
- Re: [nsp] known networks for broadcast ping attacks Jon Lewis (Aug 11)
- Re: [nsp] known networks for broadcast ping attacks Eric Wieling (Aug 11)
- Re: [nsp] known networks for broadcast ping attacks David P. Maynard (Aug 12)
- Re: [nsp] known networks for broadcast ping attacks Miquel van Smoorenburg (Aug 12)
- Re: [nsp] known networks for broadcast ping attacks Jonah Yokubaitis (Aug 11)
- Re: [nsp] known networks for broadcast ping attacks Jon Lewis (Aug 11)
- Re: [nsp] known networks for broadcast ping attacks Charles Sprickman (Aug 11)
- Re: [nsp] known networks for broadcast ping attacks Martin Cooper (Aug 12)
- Re: [nsp] known networks for broadcast ping attacks Greg Ketell (Aug 12)
- Message not available
- Re: [nsp] known networks for broadcast ping attacks Sharif Torpis (Aug 12)
- Re: [nsp] known networks for broadcast ping attacks Charles Sprickman (Aug 11)
- Message not available
- Re: [nsp] known networks for broadcast ping attacks Ran Atkinson (Aug 12)
- Re: [nsp] known networks for broadcast ping attacks Paul Ferguson (Aug 12)
- Re: [nsp] known networks for broadcast ping attacks Peter Giza (Aug 12)
- Re: [nsp] known networks for broadcast ping attacks Alan Barrett (Aug 13)
- Re: [nsp] known networks for broadcast ping attacks Frank Kastenholz (Aug 13)
- Re: [nsp] known networks for broadcast ping attacks Jon Lewis (Aug 12)