Home page logo
/

nanog logo nanog mailing list archives

Re: Filtering ICMP (Was Re: SMURF amplifier block list)
From: Michael Dillon <michael () memra com>
Date: Mon, 20 Apr 1998 16:15:14 -0700 (PDT)

On Mon, 20 Apr 1998, Mark Whitis wrote:

As an aside on the original topic, filtering on 0.0.0.255 mask 0.0.0.255
is also irresponsible and never should have been suggested here.
The lame arguments that anyone who has a host in that range is
asking for trouble are specious; just because they may be adversely
affected by some clueless individual somewhere does not justify
your being clueless as well.

Wholesale filtering of ?.?.?.255 is irresponsible but if you have
downstream networks who are unable to block directed broadcasts then it is
a reasonable stopgap measure to block ?.?.?.255 traffic in those
downstream network blocks only. But at the same time you should *DEMAND*
that the downstream customer's router vendor fix their broken equipment or
else advertise that it is suitable only for use on networks that are not
interconnected with the Internet.

--
Michael Dillon                   -               Internet & ISP Consulting
http://www.memra.com             -               E-mail: michael () memra com




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault