[23948] in North American Network Operators' Group
Smurf tone down
daemon@ATHENA.MIT.EDU (alex@nac.net)
Sat May 1 02:16:44 1999
Date: Sat, 1 May 1999 02:15:14 -0400 (EDT)
From: alex@nac.net
To: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu
Hello,
To help quench the effects of smurf attacks on our network, we CEF-CAR all
ICMP on our egress points to about 200% of normal ICMP flows.
However, when a upstream becomes full of ICMP (even though we dump most of
it), it still affects our external connectivity.
My question is, why don't larger upstream providers use CEF-CAR (assuming
that most use this) do the same to limit the effect of smurf attacks on
thier (and subsequently, thier customers') networks?
The floor is open for flames.
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Atheism is a non-prophet organization. I route, therefore I am.
Alex Rubenstein, alex@nac.net, KC2BUO, ISP/C Charter Member
Father of the Network and Head Bottle-Washer
Net Access Corporation, 9 Mt. Pleasant Tpk., Denville, NJ 07834
Don't choose a spineless ISP; we have more backbone! http://www.nac.net
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
