[15709] in North American Network Operators' Group
Floating an idea...
daemon@ATHENA.MIT.EDU (Karl Denninger)
Wed Mar 18 01:26:54 1998
Date: Wed, 18 Mar 1998 00:18:09 -0600
From: Karl Denninger <karl@mcs.net>
To: nanog@merit.edu
Hi folks,
What say all of you to the following idea:
Block at the entry/peer router level all packets from networks which
are shown to be "Smurf friendly" - that is, those network numbers
and/or blocks which are smurf amplifiers (have directed broadcasts
enabled)?
I was thinking of something similar to the RBL, but that doesn't quite do
it; a pull-down route to a sink doesn't do you any good, since what you're
after is the *source* address.
Now I know this may be entirely impractical for some folks, if for no other
reason than CPU resources in those gateways.
But this kind of thing would certainly send a message to those open
amplifier networks in a big hurry.
Think of it as an "attractive nuisance" problem (and fix).
-
--
Karl Denninger (karl@MCS.Net)| MCSNet - Serving Chicagoland and Wisconsin
http://www.mcs.net/ | T1's from $600 monthly / All Lines K56Flex/DOV
| NEW! Corporate ISDN Prices dropped by up to 50%!
Voice: [+1 312 803-MCS1 x219]| EXCLUSIVE NEW FEATURE ON ALL PERSONAL ACCOUNTS
Fax: [+1 312 803-4929] | *SPAMBLOCK* Technology now included at no cost
