North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

DoS attack.

  • From: brad
  • Date: Thu Jun 18 03:27:45 1998

Our network is currently experiencing DoS attacks originating from
many providers (both national and local).  It seems that we are seeing
spurious and bursty packets coming across our network with headers 
that seem to contain 6 octet layer 2 source followed by four octet layer 3
source.  Normally we see minimal or non-existant traffic on our network 
(the broadcast network) but in this case, packets of questionable
integrity are lining up in our queues and our banyan-batcher doesn't
have enough fabric to deal with it.

Our senior network engineer (Frank Rizzo) charged me to enlist the
network operating community to help fight the spread of these
debilitating attacks across the internet.  Please help us if you can.

Here is a sample of the command (much like no ip directed-broadcast
stops 'smurf' attacks)

rotsb(config)#no ip routing
rotsb(config)#^Z
rotsb#wr m
Building configuration...
[OK]
rotsb#

If you only feel confident cutting and pasting the configuration
into your router, here is the config line:

no ip routing


Thank you all for helping to make the internet a better place for
small isps like me.

B. Bork