nanog mailing list archives

Re: smurf

From: Adrian Chadd <adrian () ourworld net>
Date: Tue, 9 Dec 1997 03:43:23 +1100 (EST)



On Fri, 5 Dec 1997, Wayne Bouchard wrote:

[snip]

threaten the most disruption of internet services. With ISDN and
DSL, users have the bandwidth necessary to generate even more
dangerous levels of traffic. If you don't think this issue affects
you, it does. If you're not a target, your probably being used
as a source.


I agree totally.
A couple of problems:

* Filtering ALL ICMP is pretty silly, ICMP is there for more than just
  pings, and some of it is important.
* If people start doing this, someone with a smidgen of time on their
  hands will write a ping flooder that uses random TCP or UDP packets
  with spoofed from addresses.

I'm curious however - can anyone out there running netflow or something
similar give me a breakdown on what kind of ICMP traffic they're seeing?

Adrian

Current thread:

smurf Wayne Bouchard (Dec 08)
- Re: smurf Karl Denninger (Dec 08)
  - Re: smurf Dean Anderson (Dec 08)
- Re: smurf Adrian Chadd (Dec 08)
  - Re: smurf Craig A. Huegen (Dec 08)
  - Re: smurf Phil Howard (Dec 08)
    - Re: smurf Wayne Bouchard (Dec 08)
    - Re: smurf Alec H. Peterson (Dec 08)
  - Re: smurf Mike Hedlund (Dec 08)
    - Re: smurf Leigh Porter (Dec 08)
  - Re: smurf Henry Linneweh (Dec 08)
- <Possible follow-ups>
- Re: smurf Joe Provo - Network Architect (Dec 08)
  - Re: smurf Craig A. Huegen (Dec 08)
  - Message not available
    - Re: smurf Paul Ferguson (Dec 10)

(Thread continues...)