nanog mailing list archives
Re: Smurfing
From: Phillip Vandry <vandry () Mlink NET>
Date: Mon, 16 Feb 1998 13:29:34 -0500 (EST)
The take the false static ARP concept a little further, I've been advised to use a fake adjacent host entry to accomplish this. A Bay SE sent this to me today : "In order to protect a directly connected network from being a smurf launch point, you can configure an Adjacent Host for the broadcast address (if the network is a /24 than the broadcast addresses would be x.x.x.0 and x.x.x.255) with a bogus MAC address. This will cause the smurf traffic to be sent to that bogus MAC address which result in NO ONE replying to the smurf."
Doesn't the broadcast address for which the false entry is being made to break completely? (i.e. not just for the directed broadcast case) If so, guess that's not OK if the router needs to send broadcast packets on the LAN, as when it is running RIPv1! -Phil
Current thread:
- Smurfing Alex Rubenstein (Feb 13)
- Re: Smurfing Charles Sprickman (Feb 13)
- Re: Smurfing Eric Osborne (Feb 13)
- Re: Smurfing Craig A. Huegen (Feb 13)
- Re: Smurfing Kevin Houle (Feb 15)
- Re: Smurfing Phillip Vandry (Feb 16)
- Re: Smurfing Brian Wallingford (Feb 13)
- Re: Smurfing Randy Bush (Feb 13)
- Re: Smurfing Tatsuya Kawasaki (Feb 16)
- Re: Smurfing Alex Bligh (Feb 16)
- Re: Smurfing Charles Sprickman (Feb 13)
- <Possible follow-ups>
- Re: Smurfing Joe Provo - Network Architect (Feb 13)
- Re: Smurfing Steve Hultquist (Feb 13)
- Re: Smurfing Eric Osborne (Feb 13)
- Re: Smurfing Deepak Jain (Feb 13)
- Re: Smurfing Havard . Eidnes (Feb 13)
- Re: Smurfing Randy Bush (Feb 13)