Merit Network
 Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives
North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: SMURF amplifier block list

  • From: Dean Anderson
  • Date: Sat Apr 18 15:59:49 1998 
>> During an in progress attack, you probably have to take extreme measures,
>Do you remember - it's not attack against you or attack by some of your
>customer's networks used as amplifier, but the attack initiated from your
>own network. You never note such thing withouth some permanent
>measurement.

Oops. I misunderstood this first time round.  I don't think you can easily
detect smurf initiations, because you have to guess at the broadcast
address.

I think it is much easier to detect and block forged source addresses,
which are also necessary for the hacker who is operating out of your
network.

		--Dean


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
           Plain Aviation, Inc                  dean@av8.com
           LAN/WAN/UNIX/NT/TCPIP/DCE      http://www.av8.com
           We Make IT Fly!                (617)242-3091 x246
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.