funsec mailing list archives
Re: DoS help
From: der Mouse <mouse () rodents-montreal org>
Date: Tue, 9 Nov 2010 02:18:09 -0500 (EST)
about two hours of it in the afternoon (I've never experienced where it hit the whole damn thing X.X.X.255)
[...] I'll bite just in case someone who actually has this problem runs into the thread on Google;
Above scenario is indicative of a network being an intermediary in a UDP broadcast amplification attack, i.e. fraggle.
...and, in most cases, a suitable defense is to make sure that the router(s) into that broadcast domain don't forward directed broadcast traffic, ie, traffic which is not a broadcast on the network the router receives it on but is a broadcast on the network it would otherwise be sent to. (Most networks have no use for such traffic and most routers can be configured this way; indeed, I think some can't be made to behave any other way.) /~\ The ASCII Mouse \ / Ribbon Campaign X Against HTML mouse () rodents-montreal org / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- DoS help RandallM (Nov 08)
- Re: DoS help Dan White (Nov 08)
- Re: DoS help Thomas M Carlsson (Nov 08)
- Re: DoS help der Mouse (Nov 08)
- <Possible follow-ups>
- Re: DoS help RandallM (Nov 09)
- Re: DoS help RandallM (Nov 09)