nanog mailing list archives

Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement)

From: Paul Ferguson <ferguson () cisco com>
Date: Sun, 28 Dec 1997 13:31:48 -0500

At 12:05 PM 12/28/97 -0600, Karl Denninger wrote:


You don't want to filter ICMPs.  What you want to filter is ANYTHING which
came from an invalid source address *at your entrance* from your customer
connections.


This is documented in:


 Network Ingress Filtering: Defeating Denial of Service Attacks
  which employ IP Source Address Spoofing;
 draft-ferguson-ingress-filtering-03.txt

At the moment, we're trying to get this evntually published as
an Informational RFC.

More information can be found at:

 ftp://ftp.cert.org/pub/cert_advisories/CA-97.28.Teardrop_Land

- paul

Current thread:

Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement), (continued)
- - - Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Ken Leland (Dec 27)
    - Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Adrian Chadd (Dec 27)
    - Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Ken Leland (Dec 27)
    - Re: smurf, the MCI-developed tracing tools Dax Kelson (Dec 28)
    - Re: smurf, the MCI-developed tracing tools Karl Denninger (Dec 29)
    - Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Karl Denninger (Dec 28)
    - Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Adrian Chadd (Dec 28)
    - Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Bradley Reynolds (Dec 28)
    - Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Adrian Chadd (Dec 28)
    - Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Karl Denninger (Dec 28)
    - Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Paul Ferguson (Dec 28)
    - Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Ken Leland (Dec 28)
    - Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Dalvenjah FoxFire (Dec 28)
    - Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Alex P. Rudnev (Dec 31)
    - Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Phil Howard (Dec 29)
    - Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Alex P. Rudnev (Dec 31)
    - Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Dale Drew (Dec 27)
    - Re: Bogus announcement of 205.164.62.0/24 by AGIS - CLEARED Reid B. Fishler (Dec 27)
    - Re: Bogus announcement of 205.164.62.0/24 by AGIS - CLEARED Phil Howard (Dec 27)
    - Message not available
    - Re: Bogus announcement of 205.164.62.0/24 by AGIS - CLEARED Jay R. Ashworth (Dec 28)
    - Re: Bogus announcement of 205.164.62.0/24 by AGIS - CLEARED Jeff Stehman (Dec 30)

(Thread continues...)