|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: identify hostname
At 11:32 AM 12/2/98 -0700, Pete Kruckenberg wrote: >> I do have an access list deny for incoming destinations to *.*.*.255 >> since I do know that the only customer we have with larger than a /24 >> from us (via cw.net) also happens to have nothing larger than /26 in >> their network. AFAIK, today, smurfers are only using *.*.*.255. They >> would have to track a lot more information to use others, so for now I >> can generally expect that deny to prevent us from being an amplifier. > >It's not difficult to find subnet broadcast addresses, since few routers >(if they even support it) are configured to filter ICMP replies. If there >isn't already software out there, it will take all of a few hours to add >broadcast-finding code to the smurfing software in existence. Guys, Why not make your down-stream fill out a *complete* IN-ADDR.ARPA file which lists their sub-net bcast and base addresses? That way yo could use the DNS system itself to find those addresses. ___________________________________________________ Roeland M.J. Meyer, ISOC (InterNIC RM993) e-mail: <mailto:[email protected]>[email protected] Internet phone: hawk.mhsc.com Personal web pages: staff<http://www.mhsc.com/~rmeyer>.mhsc.com/~rmeyer Company web-site: <http://www.mhsc.com/>www.mhsc.com ___________________________________________________ Who is John Galt? "Atlas Shrugged" - Ayn Rand
|