North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: [nsp] known networks for broadcast ping attacks
On Wed, Jul 30, 1997 at 07:56:11PM +0100, Alex.Bligh wrote: > Urm, 192.41.177.255 is the MAE-East LAN ?! Are you saying attacks are > being mounted from here or people are attacking this LAN (not > sure which is more worrying) What he's saying is that someone is mounting broadcast ping flooding attacks with forged source addresses which make them appear to be coming from MAE-East, among other places. He correctly notes that this _must_ be fixed at the boundary routers. Network operators: _please_ make sure your boundary routers do not allow you to send packets upstream which have source addresses on them which are not on your networks. Filters are your friend. A source address of 127.anything is pretty uncool, too, as are broadcast addresses... although those can be harder to figure out nowadays. Cheers, -- jra -- Jay R. Ashworth [email protected] Member of the Technical Staff Unsolicited Commercial Emailers Sued The Suncoast Freenet "People propose, science studies, technology Tampa Bay, Florida conforms." -- Dr. Don Norman +1 813 790 7592
|