[12788] in North American Network Operators' Group
Re: Denial of service attacks apparently from UUNET Netblocks
daemon@ATHENA.MIT.EDU (Karl Denninger)
Wed Oct 8 09:28:51 1997
Date: Wed, 8 Oct 1997 08:11:13 -0500
From: Karl Denninger <karl@Mcs.Net>
To: Brett Frankenberger <brettf@netcom.com>
Cc: Joe Shaw <jshaw@insync.net>, nanog@merit.edu
In-Reply-To: <199710080203.TAA22584@netcom8.netcom.com>; from Brett Frankenberger on Tue, Oct 07, 1997 at 09:03:15PM -0500
On Tue, Oct 07, 1997 at 09:03:15PM -0500, Brett Frankenberger wrote:
> :: Joe Shaw writes ::
> >
> > Although this is all true, it still doesn't explain the fact that UUNet is
> > allowing broadcast packets through their network. One would think that
> > with the recent increase in broadcast DoS attacks, that UUNet would have
> > taken a much more proactive stance.
>
> 167.132.194.255 is not a broadcast address.
>
> 167.132.2.15 is a broadcast address.
>
> How would you expect UUNet to know that?
>
> - Brett (brettf@netcom.com)
On the device which forwarded the packet(s) to the device which echoes them,
it *does* know.
--
--
Karl Denninger (karl@MCS.Net)| MCSNet - Serving Chicagoland and Wisconsin
http://www.mcs.net/~karl | T1's from $600 monthly to FULL DS-3 Service
| NEW! K56Flex modem support is now available
Voice: [+1 312 803-MCS1 x219]| 56kbps DIGITAL ISDN DOV on analog lines!
Fax: [+1 312 803-4929] | 2 FULL DS-3 Internet links; 400Mbps B/W Internal
