Filtering ICMP (Was Re: SMURF amplifier block list)
michael at memra.com
Mon Apr 20 23:15:14 UTC 1998
On Mon, 20 Apr 1998, Mark Whitis wrote:
> As an aside on the original topic, filtering on 0.0.0.255 mask 0.0.0.255
> is also irresponsible and never should have been suggested here.
> The lame arguments that anyone who has a host in that range is
> asking for trouble are specious; just because they may be adversely
> affected by some clueless individual somewhere does not justify
> your being clueless as well.
Wholesale filtering of ?.?.?.255 is irresponsible but if you have
downstream networks who are unable to block directed broadcasts then it is
a reasonable stopgap measure to block ?.?.?.255 traffic in those
downstream network blocks only. But at the same time you should *DEMAND*
that the downstream customer's router vendor fix their broken equipment or
else advertise that it is suitable only for use on networks that are not
interconnected with the Internet.
Michael Dillon - Internet & ISP Consulting
http://www.memra.com - E-mail: michael at memra.com
More information about the NANOG