Re: smurf's attack...

• From: DAVE NORDLUND
• Date: Fri Sep 05 17:14:36 1997

> Date:          Fri, 05 Sep 1997 14:04:17 -0600
> From:          "Michael K. Sanders" <[email protected]>
> Subject:       Re: smurf's attack...
> To:            Jon Green <[email protected]>
> Cc:            "Jordyn A. Buchanan" <[email protected]>, [email protected]

> In message <[email protected]>, Jon Green writes:
> >On Fri, 5 Sep 1997 15:24:58 -0400, [email protected] writes:
> >
> >>access-list XXX deny ip any 0.0.0.255 255.255.255.0
> >
> >Folks, this is a bad idea.  There are lots of completely valid IP
> >addresses out there that end in .255.  True, most of them that
> >end in .255 ARE broadcast addresses, but if people implement this
> >kind of filtering on a large scale, it really breaks classless IP.
> 
> Likewise, not all broadcast adresses necessarily end with .255, 
> so filtering .255 won't help anyway in the presence of something
> like a /25 with a X.X.X.127 broadcast.

Agreed but it is not easy for a hacker to determine CIDR masks.  It
is my impression that the only thing being sent is classfull broadcasts.
> 
> 
> 
> 

Dave Nordlund               [email protected]
University of Kansas        913/864-0450
Computing Services          FAX 913/864-0485
Lawrence, KS  66045         KANREN

• Follow-Ups:
  • Re: smurf's attack... Dave Andersen
  • Re: smurf's attack... Michael K. Sanders
  • Re: smurf's attack... Jordyn A. Buchanan

• References:
  • Re: smurf's attack... Jon Green
  • Re: smurf's attack... Michael K. Sanders

• Prev by Date: Re: Spammer Bust
• Next by Date: Re: Spammer Bust
• Date Index
• Thread Index
• Author Index
• Historical