[22595] in North American Network Operators' Group
Re: source filtering
daemon@ATHENA.MIT.EDU (Craig A. Huegen)
Tue Jan 12 16:00:15 1999
Date: Tue, 12 Jan 1999 10:58:17 -0800
From: "Craig A. Huegen" <chuegen@quadrunner.com>
Old-To: Alex Bligh <amb@gxn.net>, Jared Mauch <jared@puck.nether.net>
Cc: nanog@merit.edu
In-Reply-To: <199901121825.SAA18719@diamond.xara.net>; from Alex Bligh on Tue, Jan 12, 1999 at 06:25:47PM +0000
To: boblevy@ix.netcom.com
On Tue, Jan 12, 1999 at 06:25:47PM +0000, Alex Bligh wrote:
==>Is UDP smurf much in evidence? (send a UDP packet to the broadcast address
==>on the echo server port and you'll either get ICMP port unreachables
==>back or UDP echoes). The reason I ask is that edge ICMP rate
==>limiting won't help UDP.
People are still preferring ICMP smurfs as the reflection is usually
greater.
With that said, you can use a line like the following to filter UDP
echo smurfs at the network border; it won't affect other UDP traffic.

    access-list 101 permit udp any eq 7 any

/cah
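
What the access-list entry in the message above selects, as an added example that is not part of the original post: in Cisco extended ACL syntax an `eq` placed after the source address matches the source port, so the entry matches UDP echo replies coming from port 7, not requests sent to it and not the ICMP port unreachables mentioned in the quoted question. The parser handles only the `any`/`host` and `eq` forms, the helper names are hypothetical, and the packets are constructed with documentation addresses.

```python
# Added example: minimal matcher for one Cisco extended ACL entry.
# Handles only 'any' / 'host ADDR' addresses and an optional 'eq PORT'.
from collections import namedtuple

Packet = namedtuple("Packet", "proto src sport dst dport")
ACL_LINE = "access-list 101 permit udp any eq 7 any"  # line from the post

def parse_endpoint(tokens):
    """Consume '<any | host ADDR> [eq PORT]' from the front of tokens."""
    word = tokens.pop(0)
    if word not in ("any", "host"):
        raise ValueError("unsupported address form: " + word)
    addr = tokens.pop(0) if word == "host" else None
    port = None
    if tokens[:1] == ["eq"]:
        port = int(tokens[1])
        del tokens[:2]
    return addr, port

def parse_acl(line):
    tokens = line.split()
    if len(tokens) < 6 or tokens[0] != "access-list":
        raise ValueError("not an extended access-list entry")
    rest = tokens[4:]
    src = parse_endpoint(rest)   # first endpoint is the SOURCE
    dst = parse_endpoint(rest)   # second endpoint is the DESTINATION
    return {"action": tokens[2], "proto": tokens[3], "src": src, "dst": dst}

def matches(rule, pkt):
    def side(spec, addr, port):
        return spec[0] in (None, addr) and spec[1] in (None, port)
    return (pkt.proto == rule["proto"]
            and side(rule["src"], pkt.src, pkt.sport)
            and side(rule["dst"], pkt.dst, pkt.dport))

# Constructed packets (RFC 5737 documentation addresses, not captured traffic).
SAMPLE = [
    Packet("udp", "198.51.100.10", 7, "192.0.2.1", 40000),    # echo reply to victim
    Packet("udp", "192.0.2.1", 40000, "198.51.100.255", 7),   # request to echo port
    Packet("udp", "203.0.113.53", 53, "192.0.2.1", 40001),    # unrelated UDP (DNS)
    Packet("icmp", "198.51.100.11", None, "192.0.2.1", None), # port unreachable
]

def selected(line, packets):
    rule = parse_acl(line)
    return [matches(rule, p) for p in packets]

if __name__ == "__main__":
    for pkt, hit in zip(SAMPLE, selected(ACL_LINE, SAMPLE)):
        print("match   " if hit else "no match", pkt)
```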