North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: update

  • From: Mark Milhollan - Franklin Employee
  • Date: Fri Oct 13 23:23:27 2000

John Fraizer writes:
>If someone doesn't want
>people sending ICMP echo-request to their network, they need to block it
>at the borders.  If they do that, even if they have amp nets inside, they
>won't be available for abuse from the outside.

Only from ICMP echo-request based DDoS', others will still be available. 
They'd have to block all traffic to their broadcast addresses, which is
pretty much what ``no directed broadcast'' does anyway.

>In any case, I find scanning for SMURF amps and scanning for
>vulnerabilities to be quite different.

Can't say I agree, since in fact they are both "vulnerabilities".

This is already too damn close to the usual thread about the other
active scan for my comfort.