[11894] in North American Network Operators' Group
Re: ICMP Attacks???????
daemon@ATHENA.MIT.EDU (Jon Lewis)
Thu Aug 21 21:32:43 1997
Date: Thu, 21 Aug 1997 21:23:35 -0400 (EDT)
From: Jon Lewis <jlewis@inorganic5.fdt.net>
To: "Peter E. Giza" <giza@adsmart.net>
cc: nanog@merit.edu
In-Reply-To: <33FCE373.452DFD31@adsmart.net>
On Thu, 21 Aug 1997, Peter E. Giza wrote:
> Make them read the 'ingress/egress filtering' by Paul Fergusson et. al.
> Apologies to
> Paul if I spelled his name incorrectly.
Short of fixing every network on the internet, does anyone have any useful
advice for what to do when smurfed? This happened to an FDT customer last
night, and it had our T1 (according to uunet) at about 500% capacity.
Obviously, until the attack stopped, our T1 wasn't too useful. I'm about
>< close to just asking uunet to block all icmp echo replies from coming
into FDT...but I know customers will complain.
------------------------------------------------------------------
Jon Lewis <jlewis@fdt.net> | Unsolicited commercial e-mail will
Network Administrator | be proof-read for $199/message.
Florida Digital Turnpike |
______http://inorganic5.fdt.net/~jlewis/pgp for PGP public key____
