Re: Smurfing

["Craig A. Huegen" <chuegen () quadrunner com>]

On Fri, 13 Feb 1998, Charles Sprickman wrote:

==>It's all well and good that everyone knows backwards and forwards how to
==>configure this sort of thing on a Cisco, but there are other vendors out
==>there making routers too.  What is trivial in IOS may turn out to be a
==>real bitch on other equipment.  From what I understand, Bay is working on
==>getting a similar feature in 12.something, but what of Ascend, OpenRoute,
==>and others making equipment that can handle big connections?
==>
==>Perhaps some of the folks on NANOG that use equipment other than Cisco
==>would like to share how they "configure their router for that"?  It would
==>be a nice service to everyone...


http://www.quadrunner.com/~chuegen/smurf.txt

It has Bay Networks and Proteon information, and I'm adding Ascend
information as well within the next week.

With Bay Networks, you must set a false static ARP for the broadcast
address and then it will not send directed broadcasts.  A Bay SE tells me
that an option to disable directed broadcasts is being implemented and
will be in a major release expected around April.

With Ascend, you must filter traffic to the broadcast address.

This page has been up since October and was mentioned in the CERT,
bugtraq, etc., advisories as well as a lot of media articles on smurfing.
Where've you been? =)

/cah