[22040] in North American Network Operators' Group
Re: identify hostname
daemon@ATHENA.MIT.EDU (Roeland M.J. Meyer)
Thu Dec 3 19:46:11 1998
Date: Thu, 03 Dec 1998 16:14:21 -0800
To: Jonathan Mischo <supertaz@mindspring.net>
From: "Roeland M.J. Meyer" <rmeyer@mhsc.com>
Cc: Pete Kruckenberg <pete@kruckenberg.com>, nanog@merit.edu
In-Reply-To: <Pine.BSF.4.01.9812031828500.15222-100000@marduk.netops.min
dspring.net>
That won't work for them because you are using the same data to build
filters. In fact, you can do it in a script, automate the whole thing..
At 06:29 PM 12/3/98 -0500, Jonathan Mischo wrote:
>this makes sense...until someone gets lazy, and takes a week to filter,
>and the smurf brats catch on, and start querying DNS to find amplifiers.
>
>-Taz
>
>--
>Jonathan "Taz" Mischo -- Network Slave -- supertaz@mindspring.net
>Mindspring Enterprises, Inc. 1430 W. Peachtree St. Suite 400
>Atlanta, GA 30309 1.800.719.4664 x2705 404.287.0770 x2705
>fax: 404.287.0885 pager: pagetaz@netops.mindspring.net M-F2-10pET
>
>On Thu, 3 Dec 1998, Roeland M.J. Meyer wrote:
>
>> At 11:32 AM 12/2/98 -0700, Pete Kruckenberg wrote:
>> >> I do have an access list deny for incoming destinations to *.*.*.255
>> >> since I do know that the only customer we have with larger than a /24
>> >> from us (via cw.net) also happens to have nothing larger than /26 in
>> >> their network. AFAIK, today, smurfers are only using *.*.*.255. They
>> >> would have to track a lot more information to use others, so for now I
>> >> can generally expect that deny to prevent us from being an amplifier.
>> >
>> >It's not difficult to find subnet broadcast addresses, since few routers
>> >(if they even support it) are configured to filter ICMP replies. If there
>> >isn't already software out there, it will take all of a few hours to add
>> >broadcast-finding code to the smurfing software in existence.
>>
>> Guys,
>>
>> Why not make your down-stream fill out a *complete* IN-ADDR.ARPA file which
>> lists their sub-net bcast and base addresses? That way yo could use the DNS
>> system itself to find those addresses.
>> ___________________________________________________
>> Roeland M.J. Meyer, ISOC (InterNIC RM993)
>> e-mail: <mailto:rmeyer@mhsc.com>rmeyer@mhsc.com
>> Internet phone: hawk.mhsc.com
>> Personal web pages: staff<http://www.mhsc.com/~rmeyer>.mhsc.com/~rmeyer
>> Company web-site: <http://www.mhsc.com/>www.mhsc.com
>> ___________________________________________________
>> Who is John Galt?
>> "Atlas Shrugged" - Ayn Rand
>>
>
___________________________________________________
Roeland M.J. Meyer, ISOC (InterNIC RM993)
e-mail: <mailto:rmeyer@mhsc.com>rmeyer@mhsc.com
Internet phone: hawk.mhsc.com
Personal web pages: staff<http://www.mhsc.com/~rmeyer>.mhsc.com/~rmeyer
Company web-site: <http://www.mhsc.com/>www.mhsc.com
___________________________________________________
Who is John Galt?
"Atlas Shrugged" - Ayn Rand
