Network Operators and smurf
Phil Howard
phil at charon.ipal.net
Sun Apr 26 02:44:14 UTC 1998
Havard.Eidnes at runit.sintef.no writes...
> It would prevent simple spoofing, yes, but that would not
> eliminate the Smurf attacks since to mount a Smurf attack you
> need to use the victim's address as your source address, and that
> one *is* typically "valid" according to the criteria you mention
> above (?).
But the first router the spoofer hits would NOT likely point the spoofed
address back to the spoofer. At that router this would stop the spoof.
This is why the feature needs to be shipped on all routers and enabled
by default.
--
Phil Howard | no1way99 at no5place.edu ads3suck at no8where.edu stop5it0 at dumbads2.edu
phil | blow0me8 at dumb6ads.org ads4suck at noplace3.org stop3ads at noplace0.net
at | die1spam at lame8ads.com end4it12 at anyplace.net stop9597 at spammer8.net
milepost | stop5ads at no0place.org end7it69 at anyplace.edu a8b3c9d6 at dumbads2.com
dot | die4spam at lame1ads.net stop6it2 at no6where.com suck3it1 at spam2mer.org
com | stop9915 at spam6mer.net stop1it8 at nowhere2.org stop0ads at anywhere.net
More information about the NANOG
mailing list