Network Operators and smurf

Phil Howard phil at
Sun Apr 26 02:44:14 UTC 1998

Havard.Eidnes at writes...

> It would prevent simple spoofing, yes, but that would not
> eliminate the Smurf attacks since to mount a Smurf attack you
> need to use the victim's address as your source address, and that
> one *is* typically "valid" according to the criteria you mention
> above (?).

But the first router the spoofer hits would NOT likely point the spoofed
address back to the spoofer.  At that router this would stop the spoof.
This is why the feature needs to be shipped on all routers and enabled
by default.

Phil Howard | no1way99 at ads3suck at stop5it0 at
  phil      | blow0me8 at ads4suck at stop3ads at
    at      | die1spam at end4it12 at stop9597 at
  milepost  | stop5ads at end7it69 at a8b3c9d6 at
    dot     | die4spam at stop6it2 at suck3it1 at
  com       | stop9915 at stop1it8 at stop0ads at

More information about the NANOG mailing list