Home page logo
/

nanog logo nanog mailing list archives

Re: SMURF amplifier block list - READ THIS
From: Joe Provo - Network Architect <jprovo () ma ultranet com>
Date: Tue, 14 Apr 1998 20:31:21 -0400 (EDT)


[snip]
What we were talking about was forbidding external connections to the
class-C broadcast addresses on a net, and why that useful process made
addressing hosts on .255 boundaries A Bad Idea.

You misspelled "useless process".  I also think you dropped the final
phrase "if you want to talk to my network."

[many previous posts in previous discussion on the topic omitted here.
see the archives.]

Assuming someone else's topology is stupid; we have dynamic protocols 
to tell our gear things for good reason.  you want a dynamic process? 
get your head out of the cisco rut: 
  use your rbl-like bgp sessions between gated boxen that then
  squirt the updates into ACLs.
  feed these ACLs into your configuration update method (if you 
  have one).

That one was free.

Cheers,
Joe


  By Date           By Thread  

Current thread:
  • Re: SMURF amplifier block list - READ THIS Joe Provo - Network Architect (Apr 15)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault