Home page logo
/

nanog logo nanog mailing list archives

Re: Network Operators and smurf
From: Al Reuben <alex () nac net>
Date: Sat, 25 Apr 1998 12:49:25 -0400 (EDT)



The other extreme is that, what if you are singly-homed? Then it is
useless again.

My point is, I would guess that if you are not single-homed (in which case
this is useless), you are multi-homed, and your traffic probably isn't
symmetrical. 

Therefore, I think this feature is of limited usefullness.



It would prevent simple spoofing, yes, but that would not
eliminate the Smurf attacks since to mount a Smurf attack you
need to use the victim's address as your source address, and that
one *is* typically "valid" according to the criteria you mention
above (?).

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
                  Atheism is a non-prophet organization.
                         I route, therefore I am.
       Alex Rubenstein, alex () nac net, KC2BUO, ISP/C Charter Member
               Father of the Network and Head Bottle-Washer
     Net Access Corporation, 9 Mt. Pleasant Tpk., Denville, NJ 07834
 Don't choose a spineless ISP! We have more backbone!  http://www.nac.net
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --





  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault