Smurfing

• Previous message (by thread): Smurfing
• Next message (by thread): Smurfing
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> See RFC2267.
> 
> - paul
> 
> 
> > Good news.
> > 
> > One more question (just is there is someone from the CISCO) - what's 
> > about source-address filtering at default for the access servers/routers? 
> > Note all this problems (SMURF, DENIAL-ATTACK, DNS-FRAUDING, etc etc) can 
> > be 100% blocked if ISP would not allow it's customers to send IP packets 
> > with the wrong SRC address. If not, they (hackers) should found new, new 
> > and new tricks to fraud any IP network.
> > 
> 
You can apply the RPF idiom from multicast to block unicast
flooding.  This would instantly solve the problem, though I am 
not sure what overhead the path evaluation would incur.

BR

brad at iagnet.net

• Previous message (by thread): Smurfing
• Next message (by thread): Smurfing
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]