Firewall Wizards mailing list archives

Re: Smurfs and fraggles

From: Arnd Vehling <arnd () vehling de>
Date: Wed, 10 Feb 1999 20:54:26 +0100

Hello,

If I understand this correctly would a simple solution be to filter all
incomming broadcasts?  Would it just be a matter of setting up a filter on the
router to drop all incomming packets with a destination address of
xxx.xxx.xxx.255 where xxx.xxx.xxx is my network address?


If you are using /24 network (formerly know as Class-C) this is right.

Is there a reason I wouldn't want to do this?


For small leave-nodes of the internet with a limited number of subnets
this is a solution, but if you are responsible for a larger block of
ip-space with one hundred or more subnets this would mean you would
have to filter _all_ existing subnet-broadcast-masks. Which is probably
not a pratical thing to do.

regards,

  Arnd

-- 

NetHead                                 Network Design and Security
Arnd Vehling                            av () nethead De
Ritterstr. 170                          Phone: +49 2151 933780
47805 Krefeld                           Fax  : +49 2151 933782

Current thread:

Smurfs and fraggles dcostello (Feb 09)
- <Possible follow-ups>
- Re: Smurfs and fraggles Rick Murphy (Feb 10)
- Re[2]: Smurfs and fraggles dcostello (Feb 10)
  - Re: Smurfs and fraggles Barrett G. Lyon (Feb 10)
  - Re: Smurfs and fraggles Arnd Vehling (Feb 10)
    - Re: Smurfs and fraggles Ted Doty (Feb 11)
  - Re: Re[2]: Smurfs and fraggles Dani Arbel (Feb 11)
- Re: Smurfs and fraggles Robert Graham (Feb 10)
- RE: Smurfs and fraggles John McDonald (Feb 10)
- Re[2]: Smurfs and fraggles dcostello (Feb 11)
  - Re: Smurfs and fraggles Bennett Todd (Feb 11)
    - Re: Smurfs and fraggles Laurent LEVIER (Feb 12)
    - Re: Smurfs and fraggles Bennett Todd (Feb 17)
- Re: Re[2]: Smurfs and fraggles Ryan Russell (Feb 11)