Home page logo

nanog logo nanog mailing list archives

Re: Network Operators and smurf
From: Phil Howard <phil () charon ipal net>
Date: Sat, 25 Apr 1998 21:44:14 -0500 (CDT)

Havard.Eidnes () runit sintef no writes...

It would prevent simple spoofing, yes, but that would not
eliminate the Smurf attacks since to mount a Smurf attack you
need to use the victim's address as your source address, and that
one *is* typically "valid" according to the criteria you mention
above (?).

But the first router the spoofer hits would NOT likely point the spoofed
address back to the spoofer.  At that router this would stop the spoof.
This is why the feature needs to be shipped on all routers and enabled
by default.

Phil Howard | no1way99 () no5place edu ads3suck () no8where edu stop5it0 () dumbads2 edu
  phil      | blow0me8 () dumb6ads org ads4suck () noplace3 org stop3ads () noplace0 net
    at      | die1spam () lame8ads com end4it12 () anyplace net stop9597 () spammer8 net
  milepost  | stop5ads () no0place org end7it69 () anyplace edu a8b3c9d6 () dumbads2 com
    dot     | die4spam () lame1ads net stop6it2 () no6where com suck3it1 () spam2mer org
  com       | stop9915 () spam6mer net stop1it8 () nowhere2 org stop0ads () anywhere net

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]