[16435] in North American Network Operators' Group
Re: Network Operators and smurf
daemon@ATHENA.MIT.EDU (Al Reuben)
Sat Apr 25 12:54:57 1998
Date: Sat, 25 Apr 1998 12:49:25 -0400 (EDT)
From: Al Reuben <alex@nac.net>
To: Havard.Eidnes@runit.sintef.no
cc: nanog@merit.edu
In-Reply-To: <199804251635.SAA17378@vader.runit.sintef.no>
The other extreme is that, what if you are singly-homed? Then it is
useless again.
My point is, I would guess that if you are not single-homed (in which case
this is useless), you are multi-homed, and your traffic probably isn't
symmetrical.
Therefore, I think this feature is of limited usefullness.
> It would prevent simple spoofing, yes, but that would not
> eliminate the Smurf attacks since to mount a Smurf attack you
> need to use the victim's address as your source address, and that
> one *is* typically "valid" according to the criteria you mention
> above (?).
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Atheism is a non-prophet organization.
I route, therefore I am.
Alex Rubenstein, alex@nac.net, KC2BUO, ISP/C Charter Member
Father of the Network and Head Bottle-Washer
Net Access Corporation, 9 Mt. Pleasant Tpk., Denville, NJ 07834
Don't choose a spineless ISP! We have more backbone! http://www.nac.net
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
