Re: Smurfing

["Alex P. Rudnev" <alex () Relcom EU net>]

> Subject: Re: Smurfing
>
>
> Prehaps RFC1812 *should* be updated to reflect that this
> is destructive behavior.
Good news.

One more question (just is there is someone from the CISCO) - what's 
about source-address filtering at default for the access servers/routers? 
Note all this problems (SMURF, DENIAL-ATTACK, DNS-FRAUDING, etc etc) can 
be 100% blocked if ISP would not allow it's customers to send IP packets 
with the wrong SRC address. If not, they (hackers) should found new, new 
and new tricks to fraud any IP network.


> Having said that, this is work whch should be suggested to
> the IETF -- the NANOG participants, being operations focused,
> are in a very good position  to make noise on this front.
>
> - paul
>
> > Excerpted from section 5.3.5:
> >
> >    A router MAY have an option to disable receiving network-prefix-
> >    directed broadcasts on an interface and MUST have an option to
> >    disable forwarding network-prefix-directed broadcasts.  These options
> >    MUST default to permit receiving and forwarding network-prefix-
> >    directed broadcasts.
> >
> > Or perhaps because the folks on this list haven't made it clear enough
> > to their vendors that the default should be "off" <hint>.

Aleksei Roudnev, Network Operations Center, Relcom, Moscow
(+7 095) 194-19-95 (Network Operations Center Hot Line),(+7 095) 239-10-10, N 13729 (pager)
(+7 095) 196-72-12 (Support), (+7 095) 194-33-28 (Fax)