Home page logo
/

nanog logo nanog mailing list archives

Re: SMURF amplifier block list
From: Karl Denninger <karl () mcs net>
Date: Tue, 14 Apr 1998 15:29:13 -0500

Good point.

--
-- 
Karl Denninger (karl () MCS Net)| MCSNet - Serving Chicagoland and Wisconsin
http://www.mcs.net/          | T1's from $600 monthly / All Lines K56Flex/DOV
                             | NEW! Corporate ISDN Prices dropped by up to 50%!
Voice: [+1 312 803-MCS1 x219]| EXCLUSIVE NEW FEATURE ON ALL PERSONAL ACCOUNTS
Fax:   [+1 312 803-4929]     | *SPAMBLOCK* Technology now included at no cost

On Tue, Apr 14, 1998 at 03:25:34PM -0500, Stephen Sprunk wrote:
Are we really concerned about being smurfed by a /30, or even a /27?

The essential problem is backbone class-C's, especially those in NAPs
where coordination is nearly impossible.  Smaller subnets tend to be in
small ISPs' or customers' networks, which don't pose a threat since they
lack the bandwidth for an effective attack.

Stephen


Karl Denninger wrote:

The larger problem is that subnetted /24s still are wide open.  This kind of
filter won't block anything from their broadcast addresses, since they're
not the .255 address.


-- 
Stephen Sprunk      "Oops."                 Email: sprunk () paranet com
Sprint Paranet        -Albert Einstein      ICBM:  33.00151N 96.82326W


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]