nanog mailing list archives
Re: identify hostname
From: Jonathan Mischo <supertaz () mindspring net>
Date: Thu, 3 Dec 1998 19:27:28 -0500 (EST)
theoretically speaking. -Taz -- Jonathan "Taz" Mischo -- Network Slave -- supertaz () mindspring net Mindspring Enterprises, Inc. 1430 W. Peachtree St. Suite 400 Atlanta, GA 30309 1.800.719.4664 x2705 404.287.0770 x2705 fax: 404.287.0885 pager: pagetaz () netops mindspring net M-F2-10pET On Thu, 3 Dec 1998, Roeland M.J. Meyer wrote:
That won't work for them because you are using the same data to build filters. In fact, you can do it in a script, automate the whole thing.. At 06:29 PM 12/3/98 -0500, Jonathan Mischo wrote:this makes sense...until someone gets lazy, and takes a week to filter, and the smurf brats catch on, and start querying DNS to find amplifiers. -Taz -- Jonathan "Taz" Mischo -- Network Slave -- supertaz () mindspring net Mindspring Enterprises, Inc. 1430 W. Peachtree St. Suite 400 Atlanta, GA 30309 1.800.719.4664 x2705 404.287.0770 x2705 fax: 404.287.0885 pager: pagetaz () netops mindspring net M-F2-10pET On Thu, 3 Dec 1998, Roeland M.J. Meyer wrote:At 11:32 AM 12/2/98 -0700, Pete Kruckenberg wrote:I do have an access list deny for incoming destinations to *.*.*.255 since I do know that the only customer we have with larger than a /24 from us (via cw.net) also happens to have nothing larger than /26 in their network. AFAIK, today, smurfers are only using *.*.*.255. They would have to track a lot more information to use others, so for now I can generally expect that deny to prevent us from being an amplifier.It's not difficult to find subnet broadcast addresses, since few routers (if they even support it) are configured to filter ICMP replies. If there isn't already software out there, it will take all of a few hours to add broadcast-finding code to the smurfing software in existence.Guys, Why not make your down-stream fill out a *complete* IN-ADDR.ARPA file which lists their sub-net bcast and base addresses? That way yo could use the DNS system itself to find those addresses. ___________________________________________________ Roeland M.J. Meyer, ISOC (InterNIC RM993) e-mail: <mailto:rmeyer () mhsc com>rmeyer () mhsc com Internet phone: hawk.mhsc.com Personal web pages: staff<http://www.mhsc.com/~rmeyer>.mhsc.com/~rmeyer Company web-site: <http://www.mhsc.com/>www.mhsc.com ___________________________________________________ Who is John Galt? "Atlas Shrugged" - Ayn Rand___________________________________________________ Roeland M.J. Meyer, ISOC (InterNIC RM993) e-mail: <mailto:rmeyer () mhsc com>rmeyer () mhsc com Internet phone: hawk.mhsc.com Personal web pages: staff<http://www.mhsc.com/~rmeyer>.mhsc.com/~rmeyer Company web-site: <http://www.mhsc.com/>www.mhsc.com ___________________________________________________ Who is John Galt? "Atlas Shrugged" - Ayn Rand
Current thread:
- Re: identify hostname, (continued)
- Re: identify hostname Roeland M.J. Meyer (Dec 03)
- Re: identify hostname Dean Anderson (Dec 01)
- Re: identify hostname Pete Kruckenberg (Dec 01)
- Re: identify hostname Rusty Zickefoose (Dec 01)
- Re: identify hostname John Fraizer (Dec 01)
- Re: identify hostname Phil Howard (Dec 02)
- Re: identify hostname Pete Kruckenberg (Dec 02)
- Re: identify hostname Roeland M.J. Meyer (Dec 03)
- Re: identify hostname Jonathan Mischo (Dec 03)
- Message not available
- Re: identify hostname Roeland M.J. Meyer (Dec 03)
- Re: identify hostname Jonathan Mischo (Dec 03)
- Re: identify hostname Pete Kruckenberg (Dec 01)
- Re: identify hostname Craig A. Huegen (Dec 02)
- Re: identify hostname Brandon Ross (Dec 02)
- Re: identify hostname Phillip Vandry (Dec 02)
- Re: identify hostname Craig A. Huegen (Dec 02)
- Re: identify hostname Steven J. Sobol (Dec 01)