SMURF amplifier block list

Dave Andersen angio at angio.net
Tue Apr 21 00:04:15 UTC 1998


Lo and behold, Dean Anderson once said:
> 
> [Discussion about the use of .0 as broadcast deleted]
>
> But it is interesting that the person would have thought to use it in a
> smurf attack...  If they know that much, they really should have known
> better than to smurf. I hope they throw the whole bookcase at them...

   Not really.  The lists of smurfable addresses on the net have contained
network numbers for a while now, or so goes the rumor on other lists.  It
could have come through someone scanning addresses sequentially to find a
broadcast address (mm, exciting job), or it could have come from a clueful
cracker somewhere else.  It doesn't take too many brains to use the
prepackaged hacking/crashing programs people can download off Bugtraq.

(OTOH, there are quite a few clueful crackers out there, who've found that
reading the RFCs is a good thing.  Crackers reading RFCs may not be a good
thing. :-)

   -Dave




More information about the NANOG mailing list