North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: SMURF amplifier block list
Hi. May be, someone will maintain such lists? First, it allow to fix smurf source by 'log' option in the CISCO list; second, it'll prefere some attacks. On Sat, 11 Apr 1998, Karl Denninger wrote: > Date: Sat, 11 Apr 1998 15:25:33 -0500 > From: Karl Denninger <[email protected]> > To: [email protected] > Subject: SMURF amplifier block list > > > The following networks and masks are banned from our network at the core due > to being smurf amplifiers. > > When the folks who own these STOP THIS, we'll take them off the list. > Contact me by TELEPHONE if you want to discuss this matter or what a Smurf > is and why you should care. > > I'm going to start posting the blacklist here weekly in the hopes that peer > pressure will cause people to clean up their acts. Until you DO clean up > your act, you're not transiting our network - period. > > We're not going to accept this kind of vandalism and attractive nuisance any > more. If you haven't disabled directed broadcast forwarding, you are a > potential listee on this blacklist. > > DO IT NOW, or risk connectivity blockades. > > I urge all other network providers to block any identified smurf amplifier > that they can verify, and to post their list as well. > > Only through public pressure can people be forced to CORRECTLY configure > their networks to make these attacks impossible to launch. > > access-list 2 deny 128.118.0.0 0.0.255.255 > access-list 2 deny 129.24.0.0 0.0.255.255 > access-list 2 deny 129.111.0.0 0.0.255.255 > access-list 2 deny 129.100.0.0 0.0.255.255 > access-list 2 deny 128.40.0.0 0.0.255.255 > access-list 2 deny 129.101.0.0 0.0.255.255 > access-list 2 deny 203.64.0.0 0.0.255.255 > access-list 2 deny 129.115.0.0 0.0.255.255 > access-list 2 deny 203.108.225.0 0.0.0.255 > access-list 2 deny 129.60.0.0 0.0.255.255 > access-list 2 deny 137.79.0.0 0.0.255.255 > access-list 2 deny 130.37.0.0 0.0.255.255 > access-list 2 deny 130.70.0.0 0.0.255.255 > access-list 2 deny 203.108.236.0 0.0.0.255 > access-list 2 deny 132.169.0.0 0.0.255.255 > access-list 2 deny 129.107.0.0 0.0.255.255 > access-list 2 deny 129.49.0.0 0.0.255.255 > access-list 2 deny 129.96.0.0 0.0.255.255 > access-list 2 deny 130.65.0.0 0.0.255.255 > access-list 2 deny 134.205.0.0 0.0.255.255 > access-list 2 deny 129.29.0.0 0.0.255.255 > access-list 2 deny 204.48.224.0 0.0.0.255 > access-list 2 deny 205.177.49.0 0.0.0.255 > access-list 2 deny 204.47.208.0 0.0.0.255 > access-list 2 deny 204.242.172.0 0.0.0.255 > access-list 2 deny 194.6.129.0 0.0.0.255 > access-list 2 deny 206.31.78.0 0.0.0.255 > access-list 2 deny 207.211.60.0 0.0.0.255 > access-list 2 deny 206.27.242.0 0.0.0.255 > access-list 2 deny 207.175.67.0 0.0.0.255 > > > I'm sure there are more, but these are the ones blacklisted in our > network configuration right now. > > -- > -- > Karl Denninger ([email protected])| MCSNet - Serving Chicagoland and Wisconsin > http://www.mcs.net/ | T1's from $600 monthly / All Lines K56Flex/DOV > | NEW! Corporate ISDN Prices dropped by up to 50%! > Voice: [+1 312 803-MCS1 x219]| EXCLUSIVE NEW FEATURE ON ALL PERSONAL ACCOUNTS > Fax: [+1 312 803-4929] | *SPAMBLOCK* Technology now included at no cost > Aleksei Roudnev, Network Operations Center, Relcom, Moscow (+7 095) 194-19-95 (Network Operations Center Hot Line),(+7 095) 239-10-10, N 13729 (pager) (+7 095) 196-72-12 (Support), (+7 095) 194-33-28 (Fax)
|