North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: identify hostname
this makes sense...until someone gets lazy, and takes a week to filter, and the smurf brats catch on, and start querying DNS to find amplifiers. -Taz -- Jonathan "Taz" Mischo -- Network Slave -- [email protected] Mindspring Enterprises, Inc. 1430 W. Peachtree St. Suite 400 Atlanta, GA 30309 1.800.719.4664 x2705 404.287.0770 x2705 fax: 404.287.0885 pager: [email protected] M-F2-10pET On Thu, 3 Dec 1998, Roeland M.J. Meyer wrote: > At 11:32 AM 12/2/98 -0700, Pete Kruckenberg wrote: > >> I do have an access list deny for incoming destinations to *.*.*.255 > >> since I do know that the only customer we have with larger than a /24 > >> from us (via cw.net) also happens to have nothing larger than /26 in > >> their network. AFAIK, today, smurfers are only using *.*.*.255. They > >> would have to track a lot more information to use others, so for now I > >> can generally expect that deny to prevent us from being an amplifier. > > > >It's not difficult to find subnet broadcast addresses, since few routers > >(if they even support it) are configured to filter ICMP replies. If there > >isn't already software out there, it will take all of a few hours to add > >broadcast-finding code to the smurfing software in existence. > > Guys, > > Why not make your down-stream fill out a *complete* IN-ADDR.ARPA file which > lists their sub-net bcast and base addresses? That way yo could use the DNS > system itself to find those addresses. > ___________________________________________________ > Roeland M.J. Meyer, ISOC (InterNIC RM993) > e-mail: <mailto:[email protected]>[email protected] > Internet phone: hawk.mhsc.com > Personal web pages: staff<http://www.mhsc.com/~rmeyer>.mhsc.com/~rmeyer > Company web-site: <http://www.mhsc.com/>www.mhsc.com > ___________________________________________________ > Who is John Galt? > "Atlas Shrugged" - Ayn Rand >
|