[14194] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: smurf

daemon@ATHENA.MIT.EDU (Wayne Bouchard)
Mon Dec 8 15:05:29 1997

From: Wayne Bouchard <web@typo.org>
To: phil@charon.milepost.com (Phil Howard)
Date: Mon, 8 Dec 1997 11:39:45 -0700 (MST)
Cc: adrian@ourworld.net, nanog@merit.edu
In-Reply-To: <199712081815.MAA11978@charon.milepost.com> from "Phil Howard" at Dec 8, 97 12:15:37 pm

Since so far 6 people misunderstood this, I *meant* those networks
that don't need to permit it, should consider filtering inbound ICMP
echo request packets. (And, hence, blocking the spoofed packet from
causing an ICMP echo reply flood.)

> Adrian Chadd writes...
> 
> > A couple of problems:
> > 
> > * Filtering ALL ICMP is pretty silly, ICMP is there for more than just
> >   pings, and some of it is important.

----------------------------------------------------------------------
Wayne Bouchard                             GlobalCenter
web@primenet.com                           
Primenet Network Operations                Internet Solutions for
(602) 416-6422   800-373-2499 x6422        Growing Businesses
FAX: (602) 416-9422
http://www.primenet.com                    http://www.globalcenter.net
----------------------------------------------------------------------


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[14194] in North American Network Operators' Group

Re: smurf

daemon@ATHENA.MIT.EDU (Wayne Bouchard)Mon Dec 8 15:05:29 1997

daemon@ATHENA.MIT.EDU (Wayne Bouchard)
Mon Dec 8 15:05:29 1997