North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: ICMP Attacks???????

  • From: Edward Henigin
  • Date: Fri Aug 22 02:09:13 1997

	uunet won't (can't) block those echo replies.  It will KILL
their routers.

	BUT that will all change when the fast-drop code goes mainstream..
uunet and other networks are going to have to help their customers out,
by loading this code and doing some filtering for their customers.

	Will you do so?  Big networks for North America?

On Thu, Aug 21, 1997 at 09:23:35PM -0400, Jon Lewis said:
> Short of fixing every network on the internet, does anyone have any useful
> advice for what to do when smurfed?  This happened to an FDT customer last
> night, and it had our T1 (according to uunet) at about 500% capacity.
> Obviously, until the attack stopped, our T1 wasn't too useful.  I'm about
> >< close to just asking uunet to block all icmp echo replies from coming
> into FDT...but I know customers will complain.
> ------------------------------------------------------------------
>  Jon Lewis <[email protected]>  |  Unsolicited commercial e-mail will
>  Network Administrator       |  be proof-read for $199/message.
>  Florida Digital Turnpike    |  
> ______ for PGP public key____