nanog mailing list archives

Re: ICMP Attacks???????


From: "Perry E. Metzger" <perry () piermont com>
Date: Fri, 15 Aug 1997 15:03:24 -0400


Josh Beck writes:
      I think it's critical that routers be capable of logging the
hardware addresses of ICMP, along with source addresses, so that these
attacks can be traced across shared media at exchanges.

ICMP is only one of a dozen ways to attack people. There is no point
in specially targeting ICMP.

Unfortunately, it is, in practice, impossible to log ALL the traffic
across a very busy router at an exchange point.

In my opinion, the only long term solution here is software that is
"smart" about tracebacks -- that is, can be directed in real time to
log certain classes of traffic.

Perry

