[16185] in North American Network Operators' Group


Re: SMURF amplifier block list

daemon@ATHENA.MIT.EDU (Stephen Sprunk)
Tue Apr 14 16:42:31 1998

Date: Tue, 14 Apr 1998 15:25:34 -0500
From: Stephen Sprunk <sprunk@paranet.com>
To: Karl Denninger <karl@mcs.net>
CC: Aaron Beck <abeck@falcon.org>, nanog@merit.edu

Are we really concerned about being smurfed by a /30, or even a /27?

The essential problem is backbone class-C's, especially those in NAPs
where coordination is nearly impossible.  Smaller subnets tend to be in
small ISPs' or customers' networks, which don't pose a threat since they
lack the bandwidth for an effective attack.

Stephen


Karl Denninger wrote:
> 
> The larger problem is that subnetted /24s still are wide open.  This kind of
> filter won't block anything from their broadcast addresses, since they're
> not the .255 address.
> 

-- 
Stephen Sprunk      "Oops."                 Email: sprunk@paranet.com
Sprint Paranet        -Albert Einstein      ICBM:  33.00151N 96.82326W
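
The filter gap discussed in this thread, as an added example that is not part of either message: a short audit that splits a /24 into equal subnets and lists the directed-broadcast addresses a filter matching only a final octet of 255 would not cover, with the usable host count per subnet. The prefix 192.0.2.0/24 is a documentation range used as constructed sample input, and the function names are hypothetical.

```python
import ipaddress


def audit_dot255_filter(parent, new_prefix):
    """Split `parent` into subnets of length `new_prefix` and return one row per
    subnet: (subnet, directed broadcast, covered by a .255-only filter?, usable hosts)."""
    net = ipaddress.ip_network(parent)
    rows = []
    for sub in net.subnets(new_prefix=new_prefix):
        # /31 and /32 have no directed-broadcast address, so skip them.
        if sub.prefixlen >= 31:
            continue
        bcast = sub.broadcast_address
        # The filter under discussion matches only on a last octet of 255.
        covered = (int(bcast) & 0xFF) == 0xFF
        # Usable hosts = addresses minus network and broadcast.
        rows.append((str(sub), str(bcast), covered, sub.num_addresses - 2))
    return rows


def missed_broadcasts(parent, new_prefix):
    """Broadcast addresses in `parent` that the .255-only filter does not cover."""
    return [b for _, b, covered, _ in audit_dot255_filter(parent, new_prefix)
            if not covered]


if __name__ == "__main__":
    # Constructed sample: one /24 carved three different ways.
    for plen in (24, 27, 30):
        rows = audit_dot255_filter("192.0.2.0/24", plen)
        missed = missed_broadcasts("192.0.2.0/24", plen)
        print(f"/{plen}: {len(rows)} subnets, {rows[0][3]} usable hosts each, "
              f"{len(missed)} broadcast addresses not covered")
        for b in missed[:4]:
            print("   not covered:", b)
```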
