nanog mailing list archives
Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement)
From: Bradley Reynolds <brad () b63695 student cwru edu>
Date: Sun, 28 Dec 1997 19:40:18 -0500 (EST)
Huh? ICMP floods vs TCP floods. Aren't they both IP or have I missed something glaringly obvious.
Yes, both are independent of the network layer protocol which operates beneath them (which in this case is IP) The difference is that you can filter icmp seperately from tcp to give you some sort of granularity with your acl policy. This is important in that if you deny icmp traffic to a specific segment of your network (or in from your serial interface for the whole thing) you are still vulnerable to the publicized attacks which exploit vulnerabilities inherent in TCP. The whole point for this discussion was that you should be a responsible network administrator and understand the trouble you could cause the people you are connected to. Once you understand that, you can take use the facilities that your vendor provides to limit the damage so to speak. BR brad reynolds ber () cwru edu
Current thread:
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement), (continued)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Karl Denninger (Dec 27)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Phil Howard (Dec 27)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Karl Denninger (Dec 27)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Ken Leland (Dec 27)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Adrian Chadd (Dec 27)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Ken Leland (Dec 27)
- Re: smurf, the MCI-developed tracing tools Dax Kelson (Dec 28)
- Re: smurf, the MCI-developed tracing tools Karl Denninger (Dec 29)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Karl Denninger (Dec 28)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Adrian Chadd (Dec 28)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Bradley Reynolds (Dec 28)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Adrian Chadd (Dec 28)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Karl Denninger (Dec 28)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Paul Ferguson (Dec 28)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Ken Leland (Dec 28)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Dalvenjah FoxFire (Dec 28)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Alex P. Rudnev (Dec 31)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Phil Howard (Dec 29)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Alex P. Rudnev (Dec 31)
- Re: smurf, the MCI-developed tracing tools (was Re: Bogus announcement) Dale Drew (Dec 27)
- Re: Bogus announcement of 205.164.62.0/24 by AGIS - CLEARED Reid B. Fishler (Dec 27)