|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: ICMP Attacks???????
Josh Beck writes: > I think it's critical that routers be capable of logging the > hardware addresses of ICMP, along with source addresses, so that these > attacks can be traced across shared media at exchanges. ICMP is only one of a dozen ways to attack people. There is no point in specially targetting ICMP. Unfortunately, it is, in practice, impossible to log ALL the traffic across a very busy router at an exchange point. In my opinion, the only long term solution here is software that is "smart" about tracebacks -- that is, can be directed in real time to log certain classes of traffic. Perry
|