Security Incidents mailing list archives

Re: Recent DDoS (was Ping flood? Whats the point?)


From: perhaps () YES NO (Eivind Eklund)
Date: Fri, 11 Feb 2000 10:39:20 +0100


On Thu, Feb 10, 2000 at 12:17:24PM +1300, Kerry Baker wrote:
I think this sort of thing lends some weight to my arguement for network
administrators to use ACLs to prevent spoofed packets leaving their
networks.  I hope the media attention will prompt some action.  Due to the
use of CIDR it shouldn't be too hard to do!

Cisco allegedly (I'm not into routers) has something called 'Reverse Path
Lookup' that check the routing tables to see if the packets arriving should
be able to get in through the interface they come through (and drop them if
not.)

I think CERT should do an advisory on this (being the group with the most
clout); the wanton forwarding of packets hurt us all.

Eivind.


Current thread: