nanog mailing list archives
Re: SMURF amplifier block list
From: Aaron Beck <abeck () falcon org>
Date: Tue, 14 Apr 1998 13:53:07 -0700 (PDT)
On Tue, 14 Apr 1998, Stephen Sprunk wrote:
Are we really concerned about being smurfed by a /30, or even a /27? The essential problem is backbone class-C's, especially those in NAPs where coordination is nearly impossible. Smaller subnets tend to be in small ISPs' or customers' networks, which don't pose a threat since they lack the bandwidth for an effective attack.
Im kind of under the impression that we're (ok, just me, but anyone else is welcome to jump on this bandwagon) trying to point out that class based thinking.. or even "well, most of the net is this" thinking is probably a bad idea. Kludges n' hacks may work most of the time, but kludges and hacks are just that.. kludgey and hackish. Hard coded defines, precompiled bins, etc have proven to be a less elegant method in other areas of the computing world... why should we repeat the same kind of mistake in the networking field? A smurf attack is just that, a smurf attack. Wouldnt the overall goal include removing the attack possibility in its entirety, not just a temporary solution that may solve some of the problems, but definetly not all of them? Assuming that most of the net is based on /24s, and that smaller subnets are generally internal to those /24's may be a safe assumption, but once again its probably not the best way to think about this problem (not that I have any hints on what the best way should be, but im fairly certain that applying a stereotypical ideology to this is "not a good thing"). just my two bits and a lot of run on sentences. -- Aaron
Current thread:
- Re: SMURF amplifier block list, (continued)
- Re: SMURF amplifier block list Forrest W. Christian (Apr 14)
- Re: SMURF amplifier block list Michael Shields (Apr 14)
- Re: SMURF amplifier block list Brett Frankenberger (Apr 14)
- Re: SMURF amplifier block list Stephen Sprunk (Apr 13)
- Re: SMURF amplifier block list Aaron Beck (Apr 14)
- Re: SMURF amplifier block list Karl Denninger (Apr 14)
- Re: SMURF amplifier block list Charley Kline (Apr 14)
- Re: SMURF amplifier block list Stephen Sprunk (Apr 14)
- Re: SMURF amplifier block list Stephen Sprunk (Apr 14)
- Re: SMURF amplifier block list Karl Denninger (Apr 14)
- Re: SMURF amplifier block list Aaron Beck (Apr 14)
- Re: SMURF amplifier block list Stephen Sprunk (Apr 14)
- Re: SMURF amplifier block list - READ THIS Karl Denninger (Apr 14)
- Message not available
- Re: SMURF amplifier block list - READ THIS Jay R. Ashworth (Apr 14)
- Re: SMURF amplifier block list - READ THIS Mark Milhollan (Apr 14)
- Re: SMURF amplifier block list - READ THIS Michael Dillon (Apr 14)
- Re: SMURF amplifier block list - READ THIS Dax Kelson (Apr 15)
- Re: SMURF amplifier block list - READ THIS Karl Denninger (Apr 15)
- Re: SMURF amplifier block list - READ THIS Pete Ashdown (Apr 15)
- Re: SMURF amplifier block list - READ THIS Karl Denninger (Apr 15)
- Re: SMURF amplifier block list - READ THIS Pete Ashdown (Apr 15)