Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: SMURF amplifier block list

  • From: Alex P. Rudnev
  • Date: Sun Apr 12 08:54:43 1998

Hi.

May be, someone will maintain such lists? First, it allow to fix smurf 
source by 'log' option in the CISCO list; second, it'll prefere some 
attacks.






On Sat, 11 Apr 1998, Karl Denninger wrote:

> Date: Sat, 11 Apr 1998 15:25:33 -0500
> From: Karl Denninger <karl@mcs.net>
> To: nanog@merit.edu
> Subject: SMURF amplifier block list
> 
> 
> The following networks and masks are banned from our network at the core due
> to being smurf amplifiers.
> 
> When the folks who own these STOP THIS, we'll take them off the list.
> Contact me by TELEPHONE if you want to discuss this matter or what a Smurf
> is and why you should care.
> 
> I'm going to start posting the blacklist here weekly in the hopes that peer
> pressure will cause people to clean up their acts.  Until you DO clean up
> your act, you're not transiting our network - period.
> 
> We're not going to accept this kind of vandalism and attractive nuisance any
> more.  If you haven't disabled directed broadcast forwarding, you are a
> potential listee on this blacklist.  
> 
> DO IT NOW, or risk connectivity blockades.
> 
> I urge all other network providers to block any identified smurf amplifier 
> that they can verify, and to post their list as well.
> 
> Only through public pressure can people be forced to CORRECTLY configure 
> their networks to make these attacks impossible to launch.
> 
> access-list 2 deny   128.118.0.0 0.0.255.255
> access-list 2 deny   129.24.0.0 0.0.255.255
> access-list 2 deny   129.111.0.0 0.0.255.255
> access-list 2 deny   129.100.0.0 0.0.255.255
> access-list 2 deny   128.40.0.0 0.0.255.255
> access-list 2 deny   129.101.0.0 0.0.255.255
> access-list 2 deny   203.64.0.0 0.0.255.255
> access-list 2 deny   129.115.0.0 0.0.255.255
> access-list 2 deny   203.108.225.0 0.0.0.255
> access-list 2 deny   129.60.0.0 0.0.255.255
> access-list 2 deny   137.79.0.0 0.0.255.255
> access-list 2 deny   130.37.0.0 0.0.255.255
> access-list 2 deny   130.70.0.0 0.0.255.255
> access-list 2 deny   203.108.236.0 0.0.0.255
> access-list 2 deny   132.169.0.0 0.0.255.255
> access-list 2 deny   129.107.0.0 0.0.255.255
> access-list 2 deny   129.49.0.0 0.0.255.255
> access-list 2 deny   129.96.0.0 0.0.255.255
> access-list 2 deny   130.65.0.0 0.0.255.255
> access-list 2 deny   134.205.0.0 0.0.255.255
> access-list 2 deny   129.29.0.0 0.0.255.255
> access-list 2 deny   204.48.224.0 0.0.0.255
> access-list 2 deny   205.177.49.0 0.0.0.255
> access-list 2 deny   204.47.208.0 0.0.0.255
> access-list 2 deny   204.242.172.0 0.0.0.255
> access-list 2 deny   194.6.129.0 0.0.0.255
> access-list 2 deny   206.31.78.0 0.0.0.255
> access-list 2 deny   207.211.60.0 0.0.0.255
> access-list 2 deny   206.27.242.0 0.0.0.255
> access-list 2 deny   207.175.67.0 0.0.0.255
> 
> 
> I'm sure there are more, but these are the ones blacklisted in our 
> network configuration right now.
> 
> --
> -- 
> Karl Denninger (karl@MCS.Net)| MCSNet - Serving Chicagoland and Wisconsin
> http://www.mcs.net/          | T1's from $600 monthly / All Lines K56Flex/DOV
> 			     | NEW! Corporate ISDN Prices dropped by up to 50%!
> Voice: [+1 312 803-MCS1 x219]| EXCLUSIVE NEW FEATURE ON ALL PERSONAL ACCOUNTS
> Fax:   [+1 312 803-4929]     | *SPAMBLOCK* Technology now included at no cost
> 

Aleksei Roudnev, Network Operations Center, Relcom, Moscow
(+7 095) 194-19-95 (Network Operations Center Hot Line),(+7 095) 239-10-10, N 13729 (pager)
(+7 095) 196-72-12 (Support), (+7 095) 194-33-28 (Fax)





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.