North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: ICMP Attacks???????

  • From: Dan Merillat
  • Date: Fri Aug 15 15:46:28 1997

Josh Beck writes:
> 	I think it's critical that routers be capable of logging the
> hardware addresses of ICMP, along with source addresses, so that these
> attacks can be traced across shared media at exchanges. As it is now, it's
> hard enough to trace it back across a backbone, but if it crosses a MAE,
> it's perfectly anonymous unless new techniques are around that we aren't
> aware of.
and TCP (Syn flooding) and UDP (pepsi.c)...

an IOS port of tcpdump would probably make it a lot simpler.