[22555] in North American Network Operators' Group
Re: Huge smurf attack
daemon@ATHENA.MIT.EDU (Phil Howard)
Mon Jan 11 20:50:18 1999
From: Phil Howard <phil@whistler.intur.net>
To: chris@westnet.com (Christopher X. Candreva)
Date: Mon, 11 Jan 1999 19:35:06 -0600 (CST)
Cc: jeremiah@fs.IConNet.NET, bross@mindspring.net, nanog@merit.edu
In-Reply-To: <Pine.SUN.4.05.9901111338000.21909-100000@westnet.com> from "Christopher X. Candreva" at Jan 11, 99 01:38:30 pm
Christopher X. Candreva wrote:
> Maybe the person who was attacked from that address can do a trace to it ?
> Obviously THEY have a route to it.
No, you don't have to have a route (back) to A.B.C.D to have a packet
arrive with a source address of A.B.C.D. It might be nice if that were
the case in every router, but smurf can be effective just because this
is _not_ the case (as applies to the originating echo requests).
--
-- *-----------------------------* Phil Howard KA9WGN * --
-- | Inturnet, Inc. | Director of Internet Services | --
-- | Business Internet Solutions | eng at intur.net | --
-- *-----------------------------* philh at intur.net * --
