[16198] in North American Network Operators' Group
Re: SMURF amplifier block list - READ THIS
daemon@ATHENA.MIT.EDU (Jay R. Ashworth)
Tue Apr 14 19:29:38 1998
Date: Tue, 14 Apr 1998 19:18:17 -0400
From: "Jay R. Ashworth" <jra@scfn.thpl.lib.fl.us>
To: nanog@merit.edu
In-Reply-To: <19980414172242.43601@mcs.net>; from Karl Denninger <karl@mcs.net> on Tue, Apr 14, 1998 at 05:22:42PM -0500
On Tue, Apr 14, 1998 at 05:22:42PM -0500, Karl Denninger wrote:
> Uh, folks, blocking the broadcast address will NOT help you in the case
> of a smurf POUNDING ON YOU. It will ONLY prevent your customers launching
> a smurf against someone ELSE. A FAR more effective means of doing THAT is
> to prohibit source address forgery on your connections.
Um, Karl? That's not what we were talking about.
What we were talking about was forbidding external connections to the
class-C broadcast addresses on a net, and why that useful process made
addressing hosts on .255 boundaries A Bad Idea.
Cheers,
-- jra
--
Jay R. Ashworth jra@baylink.com
Member of the Technical Staff Unsolicited Commercial Emailers Sued
The Suncoast Freenet "Two words: Darth Doogie." -- Jason Colby,
Tampa Bay, Florida on alt.fan.heinlein +1 813 790 7592
Managing Editor, Top Of The Key sports e-zine ------------ http://www.totk.com
