nanog mailing list archives
Re: ICMP Attacks???????
From: Josh Beck <jbeck () connectnet com>
Date: Thu, 21 Aug 1997 17:57:14 -0700 (PDT)
A router knows the network number and mask of each network to which it has an interface. Does it not make sense that the default thing for that router to do would be to trash incoming packets which carry a source address not on the network associated with that interface.
Given the predominance of Ascend in the marketplace, and their general configuration style, it would be cool to see an option "AllowIpSpoofing=Yes/No" or the like. The boxes already carry routes associated with each interface. If a packet arrives that doesn't have a route to get it back to the interface it came from, it would be dropped. Sure, this may not always be what you want, but in 99% of the cases it would be. Implementation via Radius would permit this to be removed from people you wish to allow to spoof. :) Josh Beck jbeck () connectnet com ---------------------------------------------------------------------- CONNECTNet INS, Inc. Phone: (619)450-0254 Fax: (619)450-3216 6370 Lusk Blvd., Suite F-208 San Diego, CA 92121 ----------------------------------------------------------------------
Current thread:
- Re: ICMP Attacks???????, (continued)
- Re: ICMP Attacks??????? Paul Ferguson (Aug 21)
- Re: ICMP Attacks??????? Jon Green (Aug 21)
- Message not available
- Re: ICMP Attacks??????? Jay R. Ashworth (Aug 21)
- Message not available
- Re: ICMP Attacks??????? Jay R. Ashworth (Aug 21)
- Re: ICMP Attacks??????? Jon Green (Aug 21)
- Re: ICMP Attacks??????? Greg A. Woods (Aug 21)
- Re: ICMP Attacks??????? Jon Green (Aug 22)
- Re: ICMP Attacks??????? Greg A. Woods (Aug 22)
- Re: ICMP Attacks??????? Joe Rhett (Aug 22)
- Message not available
- Re: ICMP Attacks??????? Jay R. Ashworth (Aug 22)
- Re: ICMP Attacks??????? Josh Beck (Aug 21)
- Blocking spoofing at the source (was: ICMP Attacks??) Joe Rhett (Aug 22)
- Re: Blocking spoofing at the source (was: ICMP Attacks??) Josh Beck (Aug 22)
- Message not available
- Re: Blocking spoofing at the source (was: ICMP Attacks??) Jay R. Ashworth (Aug 22)
- Re: Blocking spoofing at the source (was: ICMP Attacks??) Robert Sanders (Aug 29)
- Re: Blocking spoofing at the source (was: ICMP Attacks??) Phil Howard (Aug 22)
- Re: Blocking spoofing at the source (was: ICMP Attacks??) Robert Sanders (Aug 29)
- Re: ICMP Attacks??????? Peter E. Giza (Aug 21)
- Re: ICMP Attacks??????? Jon Lewis (Aug 21)
- Re: ICMP Attacks??????? Alex "Mr. Worf" Yuriev (Aug 21)
- Re: ICMP Attacks??????? Jon Lewis (Aug 21)