|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Smurfing
Havard, --On Friday, February 13, 1998, 11:45 PM +0100 [email protected] wrote: > getting Smurfing "under control" takes two things: > > o All router administrators on the immediately reachable > Internet needs to turn off directed broadcasts on their router > interfaces. > o Making sure source IP address spoofing isn't as easily done as > it is now. Also an easy one, right? ;-) I agree, and this is what we have done. The earlier post (from someone else) was asking about how to filter *outbound* directed broadcasts, and I didn't understand how this could be done. A number of my NANOG colleagues have adamantly agreed that it can't! > o While we struggle with the above two, at least some service > providers need to become more responsive in tracking these > sort of events back to their real source. No names mentioned, > none forgotten. Agreed. Would it make sense to come up with a cooperative mechanism for this similar to CERT only faster? > o Lastly, I think that better tools are needed to track this > sort of attacks back to their source (?). That would be very difficult, effectively requiring the ability to query routers and ask if they are seeing packets bound for a specific address. I'd love to see some tools that would help us do that, however! -- Steve Hultquist, Chief Technology Officer HSAnet providing high-speed Internet access Boulder, Colorado mailto:[email protected] +1.303.581.0800 http://www.HSAnet.net/
|