[15406] in North American Network Operators' Group
Re: Smurfing
daemon@ATHENA.MIT.EDU (Bradley Reynolds)
Tue Feb 17 17:31:28 1998
Date: Tue, 17 Feb 1998 17:39:39 -0500 (EST)
From: Bradley Reynolds <brad@baz.org>
To: Paul Ferguson <pferguso@cisco.com>
cc: nanog@merit.edu
In-Reply-To: <199802162341.PAA03227@lint.cisco.com>
> See RFC2267.
>
> - paul
>
>
> > Good news.
> >
> > One more question (just is there is someone from the CISCO) - what's
> > about source-address filtering at default for the access servers/routers?
> > Note all this problems (SMURF, DENIAL-ATTACK, DNS-FRAUDING, etc etc) can
> > be 100% blocked if ISP would not allow it's customers to send IP packets
> > with the wrong SRC address. If not, they (hackers) should found new, new
> > and new tricks to fraud any IP network.
> >
>
You can apply the RPF idiom from multicast to block unicast
flooding. This would instantly solve the problem, though I am
not sure what overhead the path evaluation would incur.
BR
brad@iagnet.net
