[11488] in North American Network Operators' Group
Re: [nsp] known networks for broadcast ping attacks
daemon@ATHENA.MIT.EDU (Michael Shields)
Wed Jul 30 17:43:31 1997
From: shields@crosslink.net (Michael Shields)
To: "Jay R. Ashworth" <jra@scfn.thpl.lib.fl.us>
Cc: "Jordyn A. Buchanan" <jordyn@bestweb.net>, "Alex.Bligh" <amb@xara.net>,
cisco-nsp@cic.net, nanog@merit.edu
Date: 30 Jul 1997 20:56:51 +0000
In-Reply-To: "Jay R. Ashworth"'s message of Wed, 30 Jul 1997 16:44:15 -0400
"Jay R. Ashworth" <jra@scfn.thpl.lib.fl.us> writes:
> Ought IP stack implementations not to refuse to reply to ECHO_REQUEST
> packets with destination address which are broadcast addresses?
Apparently some management packages search out hosts using broadcast
pings. Not the best decision IMO.
This was discussed a couple of days ago on bugtraq and I posted a
Linux patch to cause it not to answer broadcast pings.
*** How do you configure your router for that? no ip directed-broadcast.
--
Shields, CrossLink.
