RE: smurf attacks

From: Mike Calhoon (mcalhoon27@earthlink.net)
Date: Tue Oct 12 2004 - 01:41:14 GMT-3

• Next message: Paul Jin: "OT: CCIE position in Atlanta"
• Previous message: James: "Re: regex question for bgp"
• Maybe in reply to: John Matus: "smurf attacks"
• Next in thread: John Matus: "Re: smurf attacks"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Here is a link I found a while back...

http://www.cisco.com/warp/public/707/22.html

Mike

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
James
Sent: Monday, October 11, 2004 11:13 PM
To: John Matus
Cc: lab
Subject: Re: smurf attacks

On Mon, Oct 11, 2004 at 08:02:05PM -0700, John Matus wrote:
> how does one stop a smurf attack?

no ip directed-broadcast

Note that it won't really stop the attack per se, but will prevent your
network from being used as amplifier for the attack. smurf is rarely a
concern in real world today though since most router vendors disable
directed
broadcast by default.

What's real threat today are big big bot nets and spoofed addr floodings
that
can easily kill a GigE of internet transit.

HTH,
-J

-- 
James Jun                                            TowardEX Technologies,
Inc.
Technical Lead                        Network Design, Consulting, IT
Outsourcing
james@towardex.com                  Boston-based Colocation & Bandwidth
Services
cell: 1(978)-394-2867           web: http://www.towardex.com , noc:
www.twdx.net

• Next message: Paul Jin: "OT: CCIE position in Atlanta"
• Previous message: James: "Re: regex question for bgp"
• Maybe in reply to: John Matus: "smurf attacks"
• Next in thread: John Matus: "Re: smurf attacks"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Nov 06 2004 - 17:11:46 GMT-3