SMURF amplifier block list
mlm at ftel.net
Wed Apr 15 04:00:31 UTC 1998
Stephen Sprunk writes:
>If you have a suggestion for "removing the attack possibility in its
>entirety," please tell us. So far, nobody's come up with one.
SMURF'ing depends on spoofed source addresses, so the appropriate
filter is customer (and if your can afford it peer) ingress, not
Anyone willing to install a *.255 filter should instead eliminate
directed-broadcast response, and validate packets they will accept.
More information about the NANOG