Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: smurf

  • From: Henry Linneweh
  • Date: Mon Dec 08 17:31:45 1997

To make this understood in a more clear context there are Linux users that
have
done exactly that and use ATM switches to lauch attacks from since they are
hard to trace from IP based networks and I see it constantly in my
traceroutes
and some exceeed the 30 hop limit on the web pages offering traceroutes from

the major players on the backbone...

Henry R. Linneweh

Adrian Chadd wrote:

> On Fri, 5 Dec 1997, Wayne Bouchard wrote:
>
> [snip]
>
> > threaten the most disruption of internet services. With ISDN and
> > DSL, users have the bandwidth necessary to generate even more
> > dangerous levels of traffic. If you don't think this issue affects
> > you, it does. If you're not a target, your probably being used
> > as a source.
>
> I agree totally.
> A couple of problems:
>
> * Filtering ALL ICMP is pretty silly, ICMP is there for more than just
>   pings, and some of it is important.
> * If people start doing this, someone with a smidgen of time on their
>   hands will write a ping flooder that uses random TCP or UDP packets
>   with spoofed from addresses.
>
> I'm curious however - can anyone out there running netflow or something
> similar give me a breakdown on what kind of ICMP traffic they're seeing?
>
> Adrian



--
4i1






Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.