North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: source filtering

  • From: Craig A. Huegen
  • Date: Tue Jan 12 14:59:10 1999

On Tue, Jan 12, 1999 at 06:25:47PM +0000, Alex Bligh wrote:

==>Is UDP smurf much in evidence? (send a UDP packet to the broadcast address
==>on the echo server port and you'll either get ICMP port unreachables
==>back or UDP echos). The reason I ask is that edge ICMP rate
==>limiting won't help UDP.

People are still preferring ICMP smurfs as the reflection is usually
greater.

With that said, you can use a line like the following to filter UDP
echo smurfs at the network border; it won't affect other UDP traffic.

access-list 101 permit udp any eq 7 any

/cah