Are we really concerned about being smurfed by a /30, or even a /27?
The essential problem is backbone class-C's, especially those in NAPs
where coordination is nearly impossible. Smaller subnets tend to be in
small ISPs' or customers' networks, which don't pose a threat since they
lack the bandwidth for an effective attack.
Karl Denninger wrote:
The larger problem is that subnetted /24s still are wide open. This kind of
filter won't block anything from their broadcast addresses, since they're
not the .255 address.
Stephen Sprunk "Oops." Email: sprunk () paranet com
Sprint Paranet -Albert Einstein ICBM: 33.00151N 96.82326W