[16088] in North American Network Operators' Group
SMURF amplifier block list
daemon@ATHENA.MIT.EDU (Karl Denninger)
Sat Apr 11 16:47:38 1998
Date: Sat, 11 Apr 1998 15:25:33 -0500
From: Karl Denninger <karl@mcs.net>
To: nanog@merit.edu
The following networks and masks are banned from our network at the core due
to being smurf amplifiers.
When the folks who own these STOP THIS, we'll take them off the list.
Contact me by TELEPHONE if you want to discuss this matter or what a Smurf
is and why you should care.
I'm going to start posting the blacklist here weekly in the hopes that peer
pressure will cause people to clean up their acts. Until you DO clean up
your act, you're not transiting our network - period.
We're not going to accept this kind of vandalism and attractive nuisance any
more. If you haven't disabled directed broadcast forwarding, you are a
potential listee on this blacklist.
DO IT NOW, or risk connectivity blockades.
I urge all other network providers to block any identified smurf amplifier
that they can verify, and to post their list as well.
Only through public pressure can people be forced to CORRECTLY configure
their networks to make these attacks impossible to launch.
access-list 2 deny 128.118.0.0 0.0.255.255
access-list 2 deny 129.24.0.0 0.0.255.255
access-list 2 deny 129.111.0.0 0.0.255.255
access-list 2 deny 129.100.0.0 0.0.255.255
access-list 2 deny 128.40.0.0 0.0.255.255
access-list 2 deny 129.101.0.0 0.0.255.255
access-list 2 deny 203.64.0.0 0.0.255.255
access-list 2 deny 129.115.0.0 0.0.255.255
access-list 2 deny 203.108.225.0 0.0.0.255
access-list 2 deny 129.60.0.0 0.0.255.255
access-list 2 deny 137.79.0.0 0.0.255.255
access-list 2 deny 130.37.0.0 0.0.255.255
access-list 2 deny 130.70.0.0 0.0.255.255
access-list 2 deny 203.108.236.0 0.0.0.255
access-list 2 deny 132.169.0.0 0.0.255.255
access-list 2 deny 129.107.0.0 0.0.255.255
access-list 2 deny 129.49.0.0 0.0.255.255
access-list 2 deny 129.96.0.0 0.0.255.255
access-list 2 deny 130.65.0.0 0.0.255.255
access-list 2 deny 134.205.0.0 0.0.255.255
access-list 2 deny 129.29.0.0 0.0.255.255
access-list 2 deny 204.48.224.0 0.0.0.255
access-list 2 deny 205.177.49.0 0.0.0.255
access-list 2 deny 204.47.208.0 0.0.0.255
access-list 2 deny 204.242.172.0 0.0.0.255
access-list 2 deny 194.6.129.0 0.0.0.255
access-list 2 deny 206.31.78.0 0.0.0.255
access-list 2 deny 207.211.60.0 0.0.0.255
access-list 2 deny 206.27.242.0 0.0.0.255
access-list 2 deny 207.175.67.0 0.0.0.255
I'm sure there are more, but these are the ones blacklisted in our
network configuration right now.
--
--
Karl Denninger (karl@MCS.Net)| MCSNet - Serving Chicagoland and Wisconsin
http://www.mcs.net/ | T1's from $600 monthly / All Lines K56Flex/DOV
| NEW! Corporate ISDN Prices dropped by up to 50%!
Voice: [+1 312 803-MCS1 x219]| EXCLUSIVE NEW FEATURE ON ALL PERSONAL ACCOUNTS
Fax: [+1 312 803-4929] | *SPAMBLOCK* Technology now included at no cost
