[12132] in North American Network Operators' Group


Re: smurf's attack...

daemon@ATHENA.MIT.EDU (Jordyn A. Buchanan)
Fri Sep 5 16:19:33 1997

In-Reply-To: <199709051945.OAA26522@worf.netins.net>
Date: Fri, 5 Sep 1997 15:59:56 -0400
To: Jon Green <jcgreen@netins.net>
From: "Jordyn A. Buchanan" <jordyn@bestweb.net>
Cc: nanog@merit.edu

At 2:45 PM -0500 9/5/97, Jon Green wrote:
>On Fri, 5 Sep 1997 15:24:58 -0400, jordyn@bestweb.net writes:
>
>>We're also using the following extended access list (along with
>>anti-spoofing filters) to prevent smurf attacks from originating from our
>>network:
>>
>>access-list XXX deny ip any 0.0.0.255 255.255.255.0
>
>
>Folks, this is a bad idea.  There are lots of completely valid IP
>addresses out there that end in .255.  True, most of them that
>end in .255 ARE broadcast addresses, but if people implement this
>kind of filtering on a large scale, it really breaks classless IP.

Eep, this is true.  (Stupid me).

Haven't had any complaints yet from users unable to access anything yet,
but so much for making the 'Net slightly safer from this crap.

Jordyn

|----------------------------------------------------------------|
|Jordyn A. Buchanan                    mailto:jordyn@bestweb.net |
|Bestweb Corporation                      http://www.bestweb.net |
|Senior System Administrator                     +1.914.271.4500 |
|----------------------------------------------------------------|
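The objection raised in this thread, as an added example that is not part of the original messages: the sketch below applies Cisco-style wildcard matching for the quoted entry (`0.0.0.255 255.255.255.0`) to a few destinations and compares the result with each destination's real role in its prefix. The prefixes and addresses are constructed samples, and the function names are hypothetical. It goes one step past the thread by also showing the converse case, a directed broadcast in a prefix longer than /24 that the entry does not match.

```python
import ipaddress

# The destination part of the ACL entry quoted in the thread.
ACL_BASE, ACL_WILDCARD = "0.0.0.255", "255.255.255.0"

def acl_matches(addr, base=ACL_BASE, wildcard=ACL_WILDCARD):
    """Cisco wildcard match: bits set in the wildcard are 'don't care'."""
    a = int(ipaddress.IPv4Address(addr))
    b = int(ipaddress.IPv4Address(base))
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return (a & care) == (b & care)

def is_directed_broadcast(addr, prefix):
    """True if addr is the broadcast address of the given prefix."""
    net = ipaddress.ip_network(prefix)
    return ipaddress.IPv4Address(addr) == net.broadcast_address

def classify(addr, prefix):
    """Compare what the ACL does with what the address really is."""
    denied = acl_matches(addr)
    bcast = is_directed_broadcast(addr, prefix)
    if denied and bcast:
        return "blocked broadcast"
    if denied:
        return "valid host blocked"
    if bcast:
        return "broadcast not matched"
    return "host passed"

# Constructed samples: (destination, prefix it actually lives in).
SAMPLES = [
    ("10.1.1.255", "10.1.1.0/24"),   # broadcast of a /24
    ("10.0.0.255", "10.0.0.0/23"),   # ordinary host inside a /23
    ("10.2.2.127", "10.2.2.0/25"),   # broadcast of a /25
    ("10.1.1.10",  "10.1.1.0/24"),   # ordinary host
]

if __name__ == "__main__":
    for addr, prefix in SAMPLES:
        print(f"{addr:<12} in {prefix:<14} -> {classify(addr, prefix)}")
```
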


