|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: smurf
On Mon, Dec 08, 1997 at 11:39:45AM -0700, Wayne Bouchard wrote: > > Since so far 6 people misunderstood this, I *meant* those networks > that don't need to permit it, should consider filtering inbound ICMP > echo request packets. (And, hence, blocking the spoofed packet from > causing an ICMP echo reply flood.) I personally don't see why this would be preferable to just putting no ip directed-broadcast on all relavent interfaces. Alec -- +------------------------------------+--------------------------------------+ |Alec Peterson - [email protected] | Erols Internet, INC. | |Network Engineer | Springfield, VA. | +------------------------------------+--------------------------------------+
|