[4401] in North American Network Operators' Group
Re: SYN Flooding [info] (fwd)
daemon@ATHENA.MIT.EDU (Mr. Jeremy Hall)
Sun Sep 15 19:48:42 1996
From: "Mr. Jeremy Hall" <jhall@rex.isdn.net>
To: freedman@netaxs.com (Avi Freedman)
Date: Sun, 15 Sep 1996 18:23:25 -0500 (CDT)
Cc: nanog@merit.edu
In-Reply-To: <199609152056.QAA11314@netaxs.com> from "Avi Freedman" at Sep 15, 96 04:56:43 pm
-->
-->> > Alexis feels that it's very important to get wide press coverage, to
-->> > help to force ISPs/NSPs to filter outbound crap from their network.
-->>
-->> While I agree with the goal here, I've been a bit disturbed by the
-->> undercurrent of antipathy toward 'clueless small ISPs'. I'm as small
-->> as ISPs come, and I've been outbound filtering against source
-->> addresses not in my address space at least since last April. How many
-->> of the clueful here can say that? Not many, I'll venture. For that
-->> matter, when did Alexis begin filtering outbound?
-->>
-->> I'd like the concept changed from 'forcing' to 'educating' and to have
-->> it done without disparagement for not already knowing.
-->>
-->> Dick St.Peters, Gatekeeper, Pearly Gateway, Ballston Spa, NY
-->
-->Umm, if you've been outbound filtering against source addresses not in your
-->address space for many moons, then by definition you are not a 'clueless
-->small ISP'...
-->
-->Avi
-->
I have been looking through the Bay Networks MIB specification to see how
to filter outbound packets. I understand the concept of filtering
outbound packets, but am unable to use their site manager program to
implement the filters. I know where to look in the mib, but the MIB
specification says, "a binary representation of the filter" here and does
not elaborate. If it were a cisco, I could easily filter our outbound
traffic. If any of you have access to a bay networks router that is not
in production, please consider creating some sample filters so I can
figure out how to create my own. or if you have a batch file that does
it, that would be nice too.
Thanks in advance.
--
-------------------------------------------
| Jeremy Hall Network Engineer |
| ISDN-Net, Inc Office +1-615-371-1625 |
| Nashville, TN and the southeast USA |
| jhall@isdn.net Pager +1-615-702-0750 |
-------------------------------------------
