nanog mailing list archives
Re: [nsp] known networks for broadcast ping attacks
From: Jon Lewis <jlewis () inorganic5 fdt net>
Date: Wed, 30 Jul 1997 17:38:12 -0400 (EDT)
On Wed, 30 Jul 1997, Jay R. Ashworth wrote:
.255 is _always_ a broadcast address, no?
What if you supernet multiple /24's into something larger (say a /21) for an obnoxiously large flat network. You'd have multiple hosts with x.y.z.255 addresses that were not broadcast addresses...no? It probably only makes sense to filter broadcast targeted traffic coming into your network, since you can only be sure what's a broadcast address within your own net. Somebody recently mentioned no ip directed-broadcast. That seems to stop incoming packets for your broadcast address...so someone then can't use your site as a ping amplifier to attack someone else by sending ping packets to your broadcast address claiming a source address of the intended victim. For similar reasons, I block udp chargen requests and replies at our GNV border router. ------------------------------------------------------------------ Jon Lewis <jlewis () fdt net> | Unsolicited commercial e-mail will Network Administrator | be proof-read for $199/message. Florida Digital Turnpike | ________Finger jlewis () inorganic5 fdt net for PGP public key_______
Current thread:
- known networks for broadcast ping attacks Edward Henigin (Jul 30)
- Re: known networks for broadcast ping attacks J.D. Falk (Jul 30)
- Re: [nsp] known networks for broadcast ping attacks Alex.Bligh (Jul 30)
- Message not available
- Re: [nsp] known networks for broadcast ping attacks Jay R. Ashworth (Jul 30)
- Re: [nsp] known networks for broadcast ping attacks Paul Ferguson (Jul 30)
- Re: [nsp] known networks for broadcast ping attacks Netstat Webmaster (Jul 30)
- Message not available
- Re: [nsp] known networks for broadcast ping attacks Jay R. Ashworth (Jul 30)
- Message not available
- Re: [nsp] known networks for broadcast ping attacks Jordyn A. Buchanan (Jul 30)
- Message not available
- Re: [nsp] known networks for broadcast ping attacks Jay R. Ashworth (Jul 30)
- Re: [nsp] known networks for broadcast ping attacks Michael Shields (Jul 30)
- Re: [nsp] known networks for broadcast ping attacks Jon Lewis (Jul 30)
- Re: [nsp] known networks for broadcast ping attacks Joe Rhett (Jul 30)
- Message not available
- Re: [nsp] known networks for broadcast ping attacks Jay R. Ashworth (Jul 30)
- Re: [nsp] known networks for broadcast ping attacks Alex.Bligh (Jul 31)
- Re: [nsp] known networks for broadcast ping attacks Netstat Webmaster (Jul 30)
- Re: [nsp] known networks for broadcast ping attacks Systems Engineer (Jul 30)
- Re: [nsp] known networks for broadcast ping attacks root (Jul 30)
- Re: [nsp] known networks for broadcast ping attacks Systems Engineer (Jul 30)
- Re: [nsp] known networks for broadcast ping attacks root (Jul 30)
- Re: [nsp] known networks for broadcast ping attacks Systems Engineer (Jul 30)