nanog mailing list archives
Re: [nsp] known networks for broadcast ping attacks
From: Edward Henigin <ed () texas net>
Date: Wed, 30 Jul 1997 21:16:25 -0500
this does work as you'd expect (it prevents the cisco from framing an IP broadcast packet into an ethernet broadcast frame) BUT unfortunately it can break Windows networking, as well as BOOTP/DHCP, depending on how you're set up. but if you're not using one of the above (routed), then by all means, 'no ip directed-broadcast' is an excellent way to go.. -- On Wed, Jul 30, 1997 at 02:52:14PM -0700, Craig A. Huegen said:
On Wed, 30 Jul 1997, Jeffrey S. Curtis wrote: ==>(And to answer the proverbial "how do I configure my router for that" ==>in advance, the answer is that, at least on my boxes, the not-allowing- ==>broadcast-pings-through-as-broadcasts-onto-the-target-media thing is on ==>by default. Source address filtering, however, is not.) For Ciscos, "no ip directed-broadcast" on your interfaces will prevent remote devices from sending directed broadcasts. No guarantees about applications it might break, though. /cah
Current thread:
- Re: [nsp] known networks for broadcast ping attacks Jeffrey S. Curtis (Jul 30)
- Re: [nsp] known networks for broadcast ping attacks Craig A. Huegen (Jul 30)
- Re: [nsp] known networks for broadcast ping attacks Craig A. Huegen (Jul 30)
- Re: [nsp] known networks for broadcast ping attacks Edward Henigin (Jul 30)
- Re: [nsp] known networks for broadcast ping attacks Jeremy Porter (Jul 30)
- <Possible follow-ups>
- Re: [nsp] known networks for broadcast ping attacks Jeffrey S. Curtis (Jul 30)
- Message not available
- Re: [nsp] known networks for broadcast ping attacks Jay R. Ashworth (Jul 30)
- Message not available
- Re: [nsp] known networks for broadcast ping attacks Craig A. Huegen (Jul 30)
- Re: [nsp] known networks for broadcast ping attacks prue (Jul 30)
- Re: [nsp] known networks for broadcast ping attacks Alex.Bligh (Jul 31)
- Re: [nsp] known networks for broadcast ping attacks Sean Donelan (Jul 30)
- Re: [nsp] known networks for broadcast ping attacks Steve Nash (Jul 30)