funsec mailing list archives

Re: DoS help

From: der Mouse <mouse () rodents-montreal org>
Date: Tue, 9 Nov 2010 02:18:09 -0500 (EST)

about two hours of it in the afternoon (I've never experienced where
it hit the whole damn thing X.X.X.255)

[...] I'll bite just in case someone who actually has this problem
runs into the thread on Google;

Above scenario is indicative of a network being an intermediary in a
UDP broadcast amplification attack, i.e. fraggle.


...and, in most cases, a suitable defense is to make sure that the
router(s) into that broadcast domain don't forward directed broadcast
traffic, ie, traffic which is not a broadcast on the network the router
receives it on but is a broadcast on the network it would otherwise be
sent to.  (Most networks have no use for such traffic and most routers
can be configured this way; indeed, I think some can't be made to
behave any other way.)

/~\ The ASCII                             Mouse
\ / Ribbon Campaign
 X  Against HTML                mouse () rodents-montreal org
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

DoS help RandallM (Nov 08)
- Re: DoS help Dan White (Nov 08)
- Re: DoS help Thomas M Carlsson (Nov 08)
  - Re: DoS help der Mouse (Nov 08)
- <Possible follow-ups>
- Re: DoS help RandallM (Nov 09)
- Re: DoS help RandallM (Nov 09)