mailing list archives
Re: Reporting Little Blue Men
From: "Jay R. Ashworth" <jra () scfn thpl lib fl us>
Date: Thu, 22 Jan 1998 19:09:47 -0500
On Thu, Jan 22, 1998 at 10:21:46AM -0800, Justin W. Newton wrote:
At 11:41 AM 1/22/98 -0500, Eric Osborne wrote:
In other words, I can't prevent my customers from sending packets to
a broadcast address, esp. on a subnet smaller than /24. You might be
able to block outgoing packets for destination x.y.z.255, but if you've got
a mask >/24 (/23, etc..), couldn't .255 be a valid host address?
Yes, it could be, actually. I tried to use it as WAN pool address once
though and it horrendously confused the RAS, as well as several UNIX boxen
on the network.
Yes, it could be, but let's remember; isn't the smurf attack the one
that _depends_ on a forged _source_ IP address in order to "work"?
Jay R. Ashworth jra () baylink com
Member of the Technical Staff Unsolicited Commercial Emailers Sued
The Suncoast Freenet "Two words: Darth Doogie." -- Jason Colby,
Tampa Bay, Florida on alt.fan.heinlein +1 813 790 7592
Re: Reporting Little Blue Men James R. Fisher (Jan 22)
Re: Reporting Little Blue Men sully (Jan 23)
- Re: Reporting Little Blue Men, (continued)