nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Reporting Little Blue Men

From: "Jay R. Ashworth" <jra () scfn thpl lib fl us>
Date: Thu, 22 Jan 1998 19:09:47 -0500
On Thu, Jan 22, 1998 at 10:21:46AM -0800, Justin W. Newton wrote:

At 11:41 AM 1/22/98 -0500, Eric Osborne wrote:

In other words, I can't prevent my customers from sending packets to
a broadcast address, esp. on a subnet smaller than /24.  You might be
able to block outgoing packets for destination x.y.z.255, but if you've got
a mask >/24 (/23, etc..), couldn't .255 be a valid host address?


Yes, it could be, actually.  I tried to use it as WAN pool address once
though and it horrendously confused the RAS, as well as several UNIX boxen
on the network.


Yes, it could be, but let's remember; isn't the smurf attack the one
that _depends_ on a forged _source_ IP address in order to "work"?

Cheers,
-- jra
-- 
Jay R. Ashworth                                                jra () baylink com
Member of the Technical Staff             Unsolicited Commercial Emailers Sued
The Suncoast Freenet      "Two words: Darth Doogie."  -- Jason Colby,
Tampa Bay, Florida             on alt.fan.heinlein              +1 813 790 7592
Previous By Date Next
Previous By Thread Next

Current thread: