North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: smurf's attack...
> Date: Fri, 05 Sep 1997 14:04:17 -0600 > From: "Michael K. Sanders" <[email protected]> > Subject: Re: smurf's attack... > To: Jon Green <[email protected]> > Cc: "Jordyn A. Buchanan" <[email protected]>, [email protected] > In message <[email protected]>, Jon Green writes: > >On Fri, 5 Sep 1997 15:24:58 -0400, [email protected] writes: > > > >>access-list XXX deny ip any 0.0.0.255 255.255.255.0 > > > >Folks, this is a bad idea. There are lots of completely valid IP > >addresses out there that end in .255. True, most of them that > >end in .255 ARE broadcast addresses, but if people implement this > >kind of filtering on a large scale, it really breaks classless IP. > > Likewise, not all broadcast adresses necessarily end with .255, > so filtering .255 won't help anyway in the presence of something > like a /25 with a X.X.X.127 broadcast. Agreed but it is not easy for a hacker to determine CIDR masks. It is my impression that the only thing being sent is classfull broadcasts. > > > > Dave Nordlund [email protected] University of Kansas 913/864-0450 Computing Services FAX 913/864-0485 Lawrence, KS 66045 KANREN
|