Smurfing

Eric Osborne osborne at notcom.com
Fri Feb 13 19:41:13 UTC 1998



> Perhaps some of the folks on NANOG that use equipment other than Cisco
> would like to share how they "configure their router for that"?  It would
> be a nice service to everyone...
> 
> Charles
> 
> 

Your router packet-filters, right?  I don't know the Bay config syntax, but
a poor-man's version of "no ip directed-broadcast" is to disallow ICMP 
(or IP, if you have to do it that way) to the broadcast addresses on your 
network.  

Yeah, it's not perfect.  Yeah, there are some problems with it.  Yeah, it
won't work terribly well if you break up CIDR blocks and hand them to customers
who break them up and hand them to customers who break them up.... but it
will work.  Especially if you apply it as close to the customer side of 
things as possible.




eric




More information about the NANOG mailing list