North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Smurfing

  • From: Deepak Jain
  • Date: Fri Feb 13 17:43:19 1998

I don't think its possible since only the local router has exact 
information on the broadcast addresses it supports. 

Now on something like Mae-East, what is the deal if someone pings


On Fri, 13 Feb 1998, Steve Hultquist wrote:

> Don't these answers answer a different question? Isn't the question how to
> filter *outbound* attacks, not inbound ones? Filtering the inbound ones is
> pretty easy on a Bay or anything with filters (drop packets bound for the
> broadcast addresses). Filtering outbound is another story, especially with
> CIDR. I would like to set up my routers to make sure I'm protecting as much
> of the 'net as possible from attempts by my customers to do evil. However,
> it's not clear to me how to do that. Does "no ip directed-broadcast" somehow
> filter the *outbound* attacks or just the inbound ones?
> --
> Steve Hultquist, Chief Technology Officer                       HSAnet
> providing high-speed Internet access                 Boulder, Colorado
> mailto:[email protected]     +1.303.581.0800