North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: smurf's attack...
- From: Jordyn A. Buchanan
- Date: Fri Sep 05 15:56:26 1997
At 9:43 AM -0600 9/5/97, David Papp wrote:
>What are the implications of turning off "ip directed broadcasts" on our
>routers? Or is this something that all backbone providers or ISPs
>automatically do (kind of like "ip classless" and "ip subnet-zero")?
This was covered in some detail about a month ago, so you could check the
list's archives. The operational implications of turning off "ip directed
broadcasts" seem negligible--there are very few circumstances in which you
*need* to send packets to the broadcast address on another network.
I would hope that this becomes "automatic" like the other commands you mention.
I can think of very few circumstances in which you need directed
broadcasts, yet by permitting them, you allow your network to be used in
attacks against others.
We're also using the following extended access list (along with
anti-spoofing filters) to prevent smurf attacks from originating from our
network:
access-list XXX deny ip any 0.0.0.255 255.255.255.0
But that's just us...
Jordyn
|----------------------------------------------------------------|
|Jordyn A. Buchanan mailto:jordyn@bestweb.net |
|Bestweb Corporation http://www.bestweb.net |
|Senior System Administrator +1.914.271.4500 |
|----------------------------------------------------------------|
|
