[16469] in North American Network Operators' Group
Re: Router modifications to deal with smurf
daemon@ATHENA.MIT.EDU (Craig A. Huegen)
Sun Apr 26 18:47:27 1998
Date: Sun, 26 Apr 1998 15:35:29 -0700 (PDT)
From: "Craig A. Huegen" <chuegen@quadrunner.com>
Reply-To: "Craig A. Huegen" <chuegen@quadrunner.com>
To: Rusty Zickefoose <rusty@mci.net>
cc: nanog@merit.edu
In-Reply-To: <Pine.GSO.3.96.980425172212.6993B-100000@chert>
On Sat, 25 Apr 1998, Rusty Zickefoose wrote:
==> So, if someone, or possibly a group of someones, were to make the
==>following request to the various router vendors, would they be met with
==>approval by most of the readers?
==>
==> We request that your routers be configurable, at the interface
==>level, to prevent the forwarding of an ICMP echo-request packet through an
==>interface that has a broadcast or wire address that matches the
==>destination address of that packet. We also request that the default
==>configurations of your routers be modified to prevent said forwarding.
This is against RFC 1812.
RFC 1812, "Requirements for IP Version 4 Routers", Section 5.3.5,
specifies:
---
A router MAY have an option to disable receiving network-prefix-
directed broadcasts on an interface and MUST have an option to
disable forwarding network-prefix-directed broadcasts. These options
MUST default to permit receiving and forwarding network-prefix-
directed broadcasts.
---
Someone has stated before that editor(s) of said RFC are aware of this and
have discussed the change in default.
Note that I'm not arguing that it *should* be the default, I'm just
arguing that vendors have implemented it this way because that's the way
they were told to in the RFC. If after reading
http://www.quadrunner.com/~chuegen/smurf.txt, you think that I believe
directed-broadcasts should be on by default, go back and read again. =)
Now, since this has been beaten past the jelly stage, can we please put
the topic to sleep? Thank you.
/cah
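
The two behaviours discussed in this message, side by side, as an added example that is not part of the original post: the RFC 1812 option that disables forwarding of all directed broadcasts (default permit), and the narrower echo-request-only filter from the quoted request. The `Interface` class, its field names, and `egress_decision` are hypothetical names for illustration, and the prefix is a constructed documentation range.

```python
import ipaddress
from dataclasses import dataclass

ICMP, ICMP_ECHO_REQUEST = 1, 8  # IP protocol number, ICMP message type


@dataclass
class Interface:
    network: ipaddress.IPv4Network
    # RFC 1812 section 5.3.5: the option MUST exist and MUST default to permit.
    forward_directed_broadcast: bool = True
    # Hypothetical knob modelling the narrower filter in the quoted request.
    drop_broadcast_echo: bool = False


def is_directed_broadcast(dst, net):
    """True if dst is the broadcast or 'wire' (all-zeros host) address of net."""
    if net.prefixlen >= 31:  # /31 and /32 have no broadcast address
        return False
    return dst in (net.broadcast_address, net.network_address)


def egress_decision(iface, dst, proto, icmp_type=None):
    """Return 'forward' or 'drop' for a packet about to leave via iface."""
    dst = ipaddress.IPv4Address(dst)
    if not is_directed_broadcast(dst, iface.network):
        return "forward"  # ordinary unicast is never affected
    if not iface.forward_directed_broadcast:
        return "drop"  # RFC 1812 option set to deny: all protocols dropped
    if iface.drop_broadcast_echo and proto == ICMP and icmp_type == ICMP_ECHO_REQUEST:
        return "drop"  # quoted request: only echo-requests dropped
    return "forward"


LAN = ipaddress.IPv4Network("192.0.2.0/24")  # constructed sample prefix

if __name__ == "__main__":
    for label, iface in [
        ("RFC 1812 default", Interface(LAN)),
        ("directed broadcast disabled", Interface(LAN, forward_directed_broadcast=False)),
        ("echo-only filter", Interface(LAN, drop_broadcast_echo=True)),
    ]:
        echo = egress_decision(iface, "192.0.2.255", ICMP, ICMP_ECHO_REQUEST)
        udp = egress_decision(iface, "192.0.2.255", 17)
        print(f"{label}: echo-request={echo} udp={udp}")
```
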