nanog mailing list archives
Re: [nsp] known networks for broadcast ping attacks
From: Jon Lewis <jlewis () inorganic5 fdt net>
Date: Tue, 12 Aug 1997 17:15:11 -0400 (EDT)
On Tue, 12 Aug 1997, Dennis Simpson wrote:
Here's a sorted list of the networks used to attack FDT (pulled from my 1.5mb of tcpdump data which was just a brief sample of the data from our attack Sunday. If any of them belong to you, shame on you. 207.107.244You are being hit through Sprint Canada. Four /30's from this class c are the addresses assigned to the 4 T1's we have with Sprint Canada. What specific addresses on this net hit you? We do source address filtering, and do not permit packets to leave our net which do not have source addresses on our nets.
18:56:12.866177 207.107.244.14 > 205.229.48.20: icmp: echo reply (ttl 248, id 3392) 18:56:21.976177 207.107.244.18 > 205.229.48.20: icmp: echo reply (ttl 248, id 6747) Source filtering is not the issue. The issue is that someone pinged the broadcast address on these networks using a forged source address, and then all the hosts on the pinged networks respond to the forged source address, burrying it in icmp echo replies. It would be nice if everyone blocked broadcast pings from entering their networks. It would be nicer if these idiots found more constructive things to do with their time. ------------------------------------------------------------------ Jon Lewis <jlewis () fdt net> | Unsolicited commercial e-mail will Network Administrator | be proof-read for $199/message. Florida Digital Turnpike | ______http://inorganic5.fdt.net/~jlewis/pgp for PGP public key____
Current thread:
- Re: [nsp] known networks for broadcast ping attacks, (continued)
- Re: [nsp] known networks for broadcast ping attacks Charles Sprickman (Aug 11)
- Re: [nsp] known networks for broadcast ping attacks Martin Cooper (Aug 12)
- Re: [nsp] known networks for broadcast ping attacks Greg Ketell (Aug 12)
- Message not available
- Re: [nsp] known networks for broadcast ping attacks Sharif Torpis (Aug 12)
- Re: [nsp] known networks for broadcast ping attacks Charles Sprickman (Aug 11)
- Message not available
- Re: [nsp] known networks for broadcast ping attacks Ran Atkinson (Aug 12)
- Re: [nsp] known networks for broadcast ping attacks Paul Ferguson (Aug 12)
- Re: [nsp] known networks for broadcast ping attacks Peter Giza (Aug 12)
- Re: [nsp] known networks for broadcast ping attacks Alan Barrett (Aug 13)
- Re: [nsp] known networks for broadcast ping attacks Frank Kastenholz (Aug 13)
- Re: [nsp] known networks for broadcast ping attacks Jon Lewis (Aug 12)