nanog mailing list archives
Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement)
From: Karl Denninger <karl () mcs net>
Date: Sat, 27 Dec 1997 21:20:24 -0600
On Sat, Dec 27, 1997 at 05:54:08PM -0500, Dorian R. Kim wrote:
On Sat, Dec 27, 1997 at 03:25:11PM -0700, Darin Wayrynen wrote:I had to modify code to parse the password file. I did not try to determine if this was because I wasn't using the recommended hardware/software platform, or because the tool was created to work with a MCI specific environment.While I can't comment on this specific problem, MCI's dostracker doesn't work if you are running DCEF. This makes dostracker useless in many networks. -dorian
Then you damn well better not be permitting any of the following: 1) Forged source addresses (this CAN be stopped with specific filters on your interfaces, although some will bitch about the performance impact - depending on their specific choices) 2) Directed broadcasts (which are used to "create" these DOS attacks by bouncing the attack off a particularly-well-connected location, USUALLY a provider's internal infrastructure). Block both of those and Smurfs would disappear. If you can trace the TRUE source of such an attack quickly, people will go to jail for this. The only reason they are popular is because the source addresses CAN be forged. THIS CAN BE PREVENTED. -- -- Karl Denninger (karl () MCS Net)| MCSNet - Serving Chicagoland and Wisconsin http://www.mcs.net/ | T1's from $600 monthly to FULL DS-3 Service | NEW! K56Flex support on ALL modems Voice: [+1 312 803-MCS1 x219]| EXCLUSIVE NEW FEATURE ON ALL PERSONAL ACCOUNTS Fax: [+1 312 803-4929] | *SPAMBLOCK* Technology now included at no cost
Current thread:
- Re: Bogus announcement of 205.164.62.0/24 by AGIS - CLEARED, (continued)
- Re: Bogus announcement of 205.164.62.0/24 by AGIS - CLEARED Reid B. Fishler (Dec 27)
- Re: Bogus announcement of 205.164.62.0/24 by AGIS - CLEARED Karl Denninger (Dec 27)
- Re: Bogus announcement of 205.164.62.0/24 by AGIS - CLEARED Darin Wayrynen (Dec 27)
- Re: Bogus announcement of 205.164.62.0/24 by AGIS - CLEARED Karl Denninger (Dec 27)
- smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Network Operations Center (Dec 27)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Phil Howard (Dec 27)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Darin Wayrynen (Dec 27)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Pete Ashdown (Dec 27)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Darin Wayrynen (Dec 27)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Dorian R. Kim (Dec 27)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Karl Denninger (Dec 27)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Phil Howard (Dec 27)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Karl Denninger (Dec 27)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Ken Leland (Dec 27)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Adrian Chadd (Dec 27)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Ken Leland (Dec 27)
- Re: smurf, the MCI-developed tracing tools Dax Kelson (Dec 28)
- Re: smurf, the MCI-developed tracing tools Karl Denninger (Dec 29)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Karl Denninger (Dec 28)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Adrian Chadd (Dec 28)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Bradley Reynolds (Dec 28)