[14718] in North American Network Operators' Group
Re: Reporting Little Blue Men
daemon@ATHENA.MIT.EDU (Jay R. Ashworth)
Thu Jan 22 19:23:00 1998
Date: Thu, 22 Jan 1998 19:09:47 -0500
From: "Jay R. Ashworth" <jra@scfn.thpl.lib.fl.us>
To: nanog@merit.edu
In-Reply-To: <3.0.2.32.19980122102146.00fe8db0@local.mail.priori.net>; from "Justin W. Newton" <justin@priori.net> on Thu, Jan 22, 1998 at 10:21:46AM -0800
On Thu, Jan 22, 1998 at 10:21:46AM -0800, Justin W. Newton wrote:
> At 11:41 AM 1/22/98 -0500, Eric Osborne wrote:
> >In other words, I can't prevent my customers from sending packets to
> >a broadcast address, esp. on a subnet smaller than /24. You might be
> >able to block outgoing packets for destination x.y.z.255, but if you've got
> >a mask >/24 (/23, etc..), couldn't .255 be a valid host address?
>
> Yes, it could be, actually. I tried to use it as WAN pool address once
> though and it horrendously confused the RAS, as well as several UNIX boxen
> on the network.
Yes, it could be, but let's remember; isn't the smurf attack the one
that _depends_ on a forged _source_ IP address in order to "work"?
Cheers,
-- jra
--
Jay R. Ashworth jra@baylink.com
Member of the Technical Staff Unsolicited Commercial Emailers Sued
The Suncoast Freenet "Two words: Darth Doogie." -- Jason Colby,
Tampa Bay, Florida on alt.fan.heinlein +1 813 790 7592
