Home page logo
/

nanog logo nanog mailing list archives

Re: SMURF amplifier block list
From: Karl Denninger <karl () mcs net>
Date: Tue, 14 Apr 1998 11:15:03 -0500

On Tue, Apr 14, 1998 at 08:49:04AM -0700, Aaron Beck wrote:
On Mon, 13 Apr 1998, Stephen Sprunk wrote:

Then again, filtering any packets to or from x.x.x.255 would have a
similar but more profound effect.  Anyone who actually uses a .255
address for a host is asking for trouble anyways.

the problem with that thinking, of course, is going to crop up when you
encounter /23's and greater.

-- Aaron

Not often.  Few people are actually supernetting within a given broadcast
domain.  There's still an awful lot of hardware that doesn't work right in
that environment.

The larger problem is that subnetted /24s still are wide open.  This kind of
filter won't block anything from their broadcast addresses, since they're
not the .255 address.

--
-- 
Karl Denninger (karl () MCS Net)| MCSNet - Serving Chicagoland and Wisconsin
http://www.mcs.net/          | T1's from $600 monthly / All Lines K56Flex/DOV
                             | NEW! Corporate ISDN Prices dropped by up to 50%!
Voice: [+1 312 803-MCS1 x219]| EXCLUSIVE NEW FEATURE ON ALL PERSONAL ACCOUNTS
Fax:   [+1 312 803-4929]     | *SPAMBLOCK* Technology now included at no cost


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]