[14690] in North American Network Operators' Group
Re: Reporting Little Blue Men
daemon@ATHENA.MIT.EDU (Eric Wieling)
Wed Jan 21 17:28:51 1998
Date: Wed, 21 Jan 1998 15:34:28 -0600
From: Eric Wieling <eric@ccti.net>
To: nanog@merit.edu
In-Reply-To: <4DB4BFFE4768D011954E0000C0815AEDA477C6@fnbdc1.youtools.com>; from Dave Van Allen on Tue, Jan 20, 1998 at 07:50:16PM -0500
On Tue, Jan 20, 1998 at 07:50:16PM -0500, Dave Van Allen wrote:
> Start by making sure your RAS users and direct customers (your network's
> edge) can only output packets that contain their valid source address.
> If everyone did this, all of the world's problems would go away; Ozone
> depletion, world hunger, that silly rain forest thing, Smurfs and DoS
> and maybe even Microsoft! :-)
We prevent ANY packets to or from our network with a broadcast
address. We don't filter on a per-machine basis for address
spoofing, but ALL packets leaving our network must have a valid
address on our network. Basically, one user on our network can spoof
another user on our network, but no users can spoof addresses that
are not on our network.
--Eric
--
Eric Wieling (eric@ccti.net), Chesapeake Communications Corporation
Sales: sales@ccti.net 504-585-1850, Support: support@ccti.net 504-535-5449
We have changed our name! Corporate Communications Technology is now
known as Chesapeake Communications Corporation.
