North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: ip directed-broadcast

  • From: Eric Wieling
  • Date: Wed Dec 31 11:00:39 1997

On Mon, Dec 29, 1997 at 12:42:50PM -0500, Jon Lewis wrote:
> > 2.)   they will no longer filter icmp echo reply for me, even though
> >         they understand that my link is now useless without that.
> > 	They do not have cpu cycles to spare for this purpose.
> Somewhat understandable...but perhaps they should have designed their
> network a little better and not overloaded their routers to point that one
> or few line filters push the CPU over the edge....Strike 2.
> > 3.)   they do not see this type of attack very often and don't 
> >         consider it much of a problem.
> causes them very little trouble.  Odds are good their NOC gets
> smurfed very rarely.  Strike 3.

We have a T-1 to Sprint, served out of their Ft. Worth POP.  If I
down the T on our end, does anyone know if the Sprint (or MCI, or
UUNET, etc) router will send back ICMP host/network unreachable

I ask because if the core routers DO send back ICMP host/network
unreachables and a customer that is being smurfed turns down their T,
I'd imagine that the core router would generate a heck of a lot of
traffic.  It might be enough to catch someone's attention.

-- Eric, who does not have a lot of patience with companies that don't
seem to care about smurfing.

Eric Wieling ([email protected]), Corporate Communications Technology
Sales: 504-585-7303 ([email protected]), Support: 504-525-5449 ([email protected])

Paranoia: It's not just for breakfast anymore.