Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: smurf

  • From: Leigh Porter
  • Date: Mon Dec 08 18:34:58 1997

Mike Hedlund wrote:
> 
[snip]
> Well.. the main problem with smurf is that as far as i know, it uses the
> reply from a broadcast. that will rule out tcp unless they send a direct
> flow from the attackers box to the destination/victims box. For UDP,
> you would have to send it to a broadcast, and also hope there is a udp
> service listening (ie.. a test program i wrote sent 1 udp broadcast to
> 198.32.136.255:7 and received a whole bunch of replies.. turn off small
> services on routers would be helpfull.. :)). You could also do that to
> any network, the point being.. its easier to disable simple udp services
> then to setup filters on border routers..
> 
> -mike

I guess that depends upon how many border routers you have :)

It would also help to filter outgoing traffic from your network to
ensure
you do not become the unwitting source of a smurf attack..

--
Leigh Porter




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.