[12134] in North American Network Operators' Group
Re: smurf's attack...
daemon@ATHENA.MIT.EDU (Michael K. Sanders)
Fri Sep 5 16:25:24 1997
To: Jon Green <jcgreen@netins.net>
cc: "Jordyn A. Buchanan" <jordyn@bestweb.net>, nanog@merit.edu
In-reply-to: Your message of "Fri, 05 Sep 1997 14:45:17 CDT."
<199709051945.OAA26522@worf.netins.net>
Date: Fri, 05 Sep 1997 14:04:17 -0600
From: "Michael K. Sanders" <msanders@aros.net>
In message <199709051945.OAA26522@worf.netins.net>, Jon Green writes:
>On Fri, 5 Sep 1997 15:24:58 -0400, jordyn@bestweb.net writes:
>
>>access-list XXX deny ip any 0.0.0.255 255.255.255.0
>
>Folks, this is a bad idea. There are lots of completely valid IP
>addresses out there that end in .255. True, most of them that
>end in .255 ARE broadcast addresses, but if people implement this
>kind of filtering on a large scale, it really breaks classless IP.
Likewise, not all broadcast adresses necessarily end with .255,
so filtering .255 won't help anyway in the presence of something
like a /25 with a X.X.X.127 broadcast.
