North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: [nsp] known networks for broadcast ping attacks
- From: Jay R. Ashworth
- Date: Wed Jul 30 15:46:30 1997
On Wed, Jul 30, 1997 at 07:56:11PM +0100, Alex.Bligh wrote:
> Urm, 192.41.177.255 is the MAE-East LAN ?! Are you saying attacks are
> being mounted from here or people are attacking this LAN (not
> sure which is more worrying)
What he's saying is that someone is mounting broadcast ping flooding
attacks with forged source addresses which make them appear to be
coming from MAE-East, among other places.
He correctly notes that this _must_ be fixed at the boundary routers.
Network operators: _please_ make sure your boundary routers do not
allow you to send packets upstream which have source addresses on them
which are not on your networks. Filters are your friend. A source
address of 127.anything is pretty uncool, too, as are broadcast
addresses... although those can be harder to figure out nowadays.
Cheers,
-- jra
--
Jay R. Ashworth jra@baylink.com
Member of the Technical Staff Unsolicited Commercial Emailers Sued
The Suncoast Freenet "People propose, science studies, technology
Tampa Bay, Florida conforms." -- Dr. Don Norman +1 813 790 7592
|
