smurf attacks

From: midatlanticnet@gmail.com
Date: Sun Jan 15 2006 - 21:04:49 GMT-3

• Next message: Victor Cappuccio: "IEWB-RS Lab 3 Vol3 Task 5.5"
• Previous message: loke: "Re: Cisco Doc CD"
• Next in thread: Chris Lewis: "Re: smurf attacks"
• Maybe reply: Chris Lewis: "Re: smurf attacks"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

i saw somewhere on this message board a solution to Smurf attacks. That solution used 8 lines in an extended ACL's permiting ICMP and UDP echo and echo-reply, then rate limited the ACL using CAR. Here is my mine question:

If I want to limit a smurf attack to a max of 128K, and normal 8kbps using CAR...why not use the "verify unicast" command on the interface and have that point to a permit any any ACL...then rate limit that ACL to the above parameters.

-Chris

• Next message: Victor Cappuccio: "IEWB-RS Lab 3 Vol3 Task 5.5"
• Previous message: loke: "Re: Cisco Doc CD"
• Next in thread: Chris Lewis: "Re: smurf attacks"
• Maybe reply: Chris Lewis: "Re: smurf attacks"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Wed Feb 01 2006 - 07:45:49 GMT-3