[12128] in North American Network Operators' Group
Re: smurf's attack...
daemon@ATHENA.MIT.EDU (Jon Green)
Fri Sep 5 15:55:53 1997
To: "Jordyn A. Buchanan" <jordyn@bestweb.net>
cc: nanog@merit.edu
In-reply-to: Your message of "Fri, 05 Sep 1997 15:24:58 EDT."
<v03102810b0360ad16204@[209.94.100.34]>
Date: Fri, 05 Sep 1997 14:45:17 -0500
From: Jon Green <jcgreen@netins.net>
On Fri, 5 Sep 1997 15:24:58 -0400, jordyn@bestweb.net writes:
>We're also using the following extended access list (along with
>anti-spoofing filters) to prevent smurf attacks from originating from our
>network:
>
>access-list XXX deny ip any 0.0.0.255 255.255.255.0
Folks, this is a bad idea. There are lots of completely valid IP
addresses out there that end in .255. True, most of them that
end in .255 ARE broadcast addresses, but if people implement this
kind of filtering on a large scale, it really breaks classless IP.
But that's just IMHO. :)
-Jon
-----------------------------------------------------------------
* Jon Green * "Life's a dance *
* jcgreen@netINS.net * you learn as you go" *
* Finger for Geek Code/PGP * *
* #include "std_disclaimer.h" * http://www.netins.net/showcase/jcgreen *
-------------------------------------------------------------------------
