North American Network Operators Group

Re: [nsp] known networks for broadcast ping attacks
Jay R. Ashworth writes:

}Ought IP stack implementations not to refuse to reply to ECHO_REQUEST
}packets with destination address which are broadcast addresses?

Why? It's a useful tool.

}Ok, yes, I know that CIDR makes this harder, but knowing which nets
}fall on non-octet boundaries is non-obvious, too, and this particular
}attack wasn't trying...

It's not hard - a host knows its own subnet mask and therefore can calculate its broadcast address trivially (my IP address logical-AND my subnet mask, plus all ones in the zero-portion of the mask).

}.255 is _always_ a broadcast address, no?

Wrong - consider what happens on nets whose subnet mask is less than 24 bits long (I have many such nets). 10.1.1.255 is a unicast host address if the mask is /23, or /22, or...

Jeff

--
Jeffrey S. Curtis               | Internetwork Manager
Argonne National Laboratory     | Email: [email protected]
9700 South Cass Avenue, ECT-221 | Voice: 630/252-1789
Argonne, IL 60439               | Fax: 630/252-9689
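The mask-based calculation described in the message, as an added example that is not part of the original post: it derives the directed-broadcast address from an interface address and prefix length and compares the result with the "ends in .255" guess. The function names are hypothetical, the sample addresses are constructed, and treating /31 and /32 as having no broadcast address follows RFC 3021 and host-route convention.

```python
import ipaddress

ALL_ONES = 0xFFFFFFFF

def directed_broadcast(iface_ip, prefix_len):
    """(ip AND mask) with the mask's zero bits set to one; None for /31 and /32."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be 0..32")
    if prefix_len >= 31:
        return None  # RFC 3021 /31 links and /32 hosts have no broadcast address
    mask = (ALL_ONES << (32 - prefix_len)) & ALL_ONES
    ip = int(ipaddress.IPv4Address(iface_ip))
    return str(ipaddress.IPv4Address((ip & mask) | (~mask & ALL_ONES)))

def classify_destination(dst, iface_ip, prefix_len):
    """Classify dst as seen by an interface configured iface_ip/prefix_len."""
    if dst == "255.255.255.255":
        return "limited-broadcast"
    if dst == directed_broadcast(iface_ip, prefix_len):
        return "directed-broadcast"
    net = ipaddress.ip_network(f"{iface_ip}/{prefix_len}", strict=False)
    if ipaddress.IPv4Address(dst) in net:
        return "unicast-on-subnet"
    return "off-subnet"

def ends_in_255(dst):
    """The octet-boundary guess questioned in the thread."""
    return dst.endswith(".255")

# Constructed sample cases: (destination, interface address, prefix length)
SAMPLES = [
    ("10.1.1.255", "10.1.1.7", 24),    # top of 10.1.1.0/24
    ("10.1.1.255", "10.1.1.7", 22),    # inside 10.1.0.0/22
    ("10.1.0.255", "10.1.1.7", 23),    # inside 10.1.0.0/23
    ("10.1.1.255", "10.1.1.7", 23),    # top of 10.1.0.0/23
    ("10.1.1.63", "10.1.1.40", 26),    # top of 10.1.1.0/26, does not end in .255
    ("10.1.1.255", "10.1.1.254", 31),  # /31 point-to-point link
]

def mismatches(samples=SAMPLES):
    """Cases where the '.255' guess disagrees with the mask-based answer."""
    return [(d, i, p) for d, i, p in samples
            if ends_in_255(d) != (classify_destination(d, i, p) == "directed-broadcast")]

if __name__ == "__main__":
    for dst, iface, plen in SAMPLES:
        print(f"{dst:>12} on {iface}/{plen}: {classify_destination(dst, iface, plen)}")
```

Whether a given address is a broadcast depends on both the mask and where the address falls within the subnet, which is why the check has to use the interface's own configuration.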