North American Network Operators Group

Re: [nsp] known networks for broadcast ping attacks
Maybe, I'm not completely understanding this, but from my own testing,
it seems to me that, when I do this without regard to ip directed broadcast,
I get one response back from the closest interface, but perhaps they
are using source routing or something to cause this?

In message <[email protected]>, Edward Henigin writes:
>
>	this does work as you'd expect (it prevents the cisco
>from framing an IP broadcast packet into an ethernet broadcast
>frame) BUT unfortunately it can break Windows networking, as well
>as BOOTP/DHCP, depending on how you're set up.
>
>	but if you're not using one of the above (routed), then
>by all means, 'no ip directed-broadcast' is an excellent way to go..
>
>--
>On Wed, Jul 30, 1997 at 02:52:14PM -0700, Craig A. Huegen said:
>> On Wed, 30 Jul 1997, Jeffrey S. Curtis wrote:
>>
>> ==>(And to answer the proverbial "how do I configure my router for that"
>> ==>in advance, the answer is that, at least on my boxes, the not-allowing-
>> ==>broadcast-pings-through-as-broadcasts-onto-the-target-media thing is on
>> ==>by default. Source address filtering, however, is not.)
>>
>> For Ciscos, "no ip directed-broadcast" on your interfaces will
>> prevent remote devices from sending directed broadcasts. No guarantees
>> about applications it might break, though.
>>
>> /cah
>

---
Jeremy Porter, Freeside Communications, Inc. [email protected]
PO BOX 80315 Austin, Tx 78708 | 1-800-968-8750 | 512-458-9810
http://www.fc.net
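
An added example, not part of the original posts: a small Python audit that lists the interfaces in an IOS-style configuration that lack the `no ip directed-broadcast` line discussed in this thread. The sample config is constructed, and `enabled_by_default` encodes the assumption that directed broadcasts are forwarded unless explicitly disabled; interfaces with `ip helper-address` are marked so the BOOTP/DHCP caveat raised above can be checked before changing them.

```python
import re

# Constructed sample config (not from the thread); addresses are documentation ranges.
SAMPLE_CONFIG = """\
interface Ethernet0
 ip address 192.0.2.1 255.255.255.0
 no ip directed-broadcast
!
interface Ethernet1
 ip address 198.51.100.1 255.255.255.0
 ip helper-address 192.0.2.10
!
interface Serial0
 ip address 203.0.113.1 255.255.255.252
 ip directed-broadcast
!
interface Serial1
 no ip address
 shutdown
!
"""

def parse_interfaces(config):
    """Return {interface name: [sub-command lines]} from IOS-style config text."""
    interfaces, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("interface "):
            current = raw.split(None, 1)[1].strip()
            interfaces[current] = []
        elif current is not None and raw[:1] in (" ", "\t"):
            interfaces[current].append(raw.strip())
        else:
            current = None  # "!" or a global command closes the interface block
    return interfaces

def audit(config, enabled_by_default=True):
    """List active IP interfaces that would still forward directed broadcasts."""
    findings = []
    for name, lines in parse_interfaces(config).items():
        # Skip interfaces that are down, carry no IP, or are already hardened.
        if {"shutdown", "no ip address", "no ip directed-broadcast"} & set(lines):
            continue
        # Matches "ip directed-broadcast" with or without a trailing ACL number.
        explicit = any(re.match(r"ip directed-broadcast\b", l) for l in lines)
        helper = any(l.startswith("ip helper-address ") for l in lines)
        if explicit or enabled_by_default:
            findings.append({"interface": name, "explicit": explicit, "uses_helper": helper})
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```

Pass `enabled_by_default=False` when auditing software whose default is to drop directed broadcasts, so that only interfaces with an explicit `ip directed-broadcast` line are reported.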