SMURF AMPLIFIER BLOCK LIST -- VERY LARGE!!!!!!!!!!!!!!!
Matt Ranney
mjr at ranney.com
Thu Apr 30 17:06:13 UTC 1998
Phillip Vandry <vandry at Mlink.NET> writes:
[...]
> Every router on there has had directed broadcasts disabled for a long time.
> Only that network is a /25, so the broadcast address we are talking about
> is 205.236.182.127.
>
> It turns out that not only does 205.236.182.255 unexpectedly function as
> an alternate broadcast address for this network, but it is unaffected by
> no ip directed-broadcast!!!
We've seen this type of behavior as well, and on larger networks than
/24's. On one /18 that we have, someone was sending to xx.xx.255.255,
and it was heading to the first /23 that was allocated out of that
block. The customer that was lucky enough to be the recipient
eventually had to explicitly deny the 255.255 address because no ip
directed-broadcast didn't stop it.
--
Matt Ranney - mjr at ranney.com
Let's not let the students run the High School.
More information about the NANOG
mailing list