SMURF amplifier block list

Randy Bush randy at
Tue Apr 14 01:00:00 UTC 1998

i suspect that they're discussing blocking inbound packets from faked
sources of smurf attacks.  in this case, protection from outbound routing
info is too late.  once the smurf packets gets in your local net, you've
been smurfed.

of course, the idea of blocking smurf spoof sites is pretty specious.  how
many folk will go through the effort and burden on the routers to put an
access list in the packet path and yet not be clueful enough to just say
'no ip directed-broadcast' on the same damn edge router insead?

wait a sec.  on second thought, don't answer that question.


More information about the NANOG mailing list