SMURF amplifier block list
Robert Reynolds
lists at HP200.lakecountry.net
Mon Apr 13 16:27:55 UTC 1998
Have the admins of these networks been notified of the problem?
On Sat, 11 Apr 1998, Karl Denninger wrote:
>
> The following networks and masks are banned from our network at the core due
> to being smurf amplifiers.
>
> When the folks who own these STOP THIS, we'll take them off the list.
> Contact me by TELEPHONE if you want to discuss this matter or what a Smurf
> is and why you should care.
>
> I'm going to start posting the blacklist here weekly in the hopes that peer
> pressure will cause people to clean up their acts. Until you DO clean up
> your act, you're not transiting our network - period.
>
> We're not going to accept this kind of vandalism and attractive nuisance any
> more. If you haven't disabled directed broadcast forwarding, you are a
> potential listee on this blacklist.
>
> DO IT NOW, or risk connectivity blockades.
>
> I urge all other network providers to block any identified smurf amplifier
> that they can verify, and to post their list as well.
>
> Only through public pressure can people be forced to CORRECTLY configure
> their networks to make these attacks impossible to launch.
>
> access-list 2 deny 128.118.0.0 0.0.255.255
> access-list 2 deny 129.24.0.0 0.0.255.255
> access-list 2 deny 129.111.0.0 0.0.255.255
> access-list 2 deny 129.100.0.0 0.0.255.255
> access-list 2 deny 128.40.0.0 0.0.255.255
> access-list 2 deny 129.101.0.0 0.0.255.255
> access-list 2 deny 203.64.0.0 0.0.255.255
> access-list 2 deny 129.115.0.0 0.0.255.255
> access-list 2 deny 203.108.225.0 0.0.0.255
> access-list 2 deny 129.60.0.0 0.0.255.255
> access-list 2 deny 137.79.0.0 0.0.255.255
> access-list 2 deny 130.37.0.0 0.0.255.255
> access-list 2 deny 130.70.0.0 0.0.255.255
> access-list 2 deny 203.108.236.0 0.0.0.255
> access-list 2 deny 132.169.0.0 0.0.255.255
> access-list 2 deny 129.107.0.0 0.0.255.255
> access-list 2 deny 129.49.0.0 0.0.255.255
> access-list 2 deny 129.96.0.0 0.0.255.255
> access-list 2 deny 130.65.0.0 0.0.255.255
> access-list 2 deny 134.205.0.0 0.0.255.255
> access-list 2 deny 129.29.0.0 0.0.255.255
> access-list 2 deny 204.48.224.0 0.0.0.255
> access-list 2 deny 205.177.49.0 0.0.0.255
> access-list 2 deny 204.47.208.0 0.0.0.255
> access-list 2 deny 204.242.172.0 0.0.0.255
> access-list 2 deny 194.6.129.0 0.0.0.255
> access-list 2 deny 206.31.78.0 0.0.0.255
> access-list 2 deny 207.211.60.0 0.0.0.255
> access-list 2 deny 206.27.242.0 0.0.0.255
> access-list 2 deny 207.175.67.0 0.0.0.255
>
>
> I'm sure there are more, but these are the ones blacklisted in our
> network configuration right now.
>
> --
> --
> Karl Denninger (karl at MCS.Net)| MCSNet - Serving Chicagoland and Wisconsin
> http://www.mcs.net/ | T1's from $600 monthly / All Lines K56Flex/DOV
> | NEW! Corporate ISDN Prices dropped by up to 50%!
> Voice: [+1 312 803-MCS1 x219]| EXCLUSIVE NEW FEATURE ON ALL PERSONAL ACCOUNTS
> Fax: [+1 312 803-4929] | *SPAMBLOCK* Technology now included at no cost
>
More information about the NANOG
mailing list