Reporting Little Blue Men

• Previous message (by thread): Reporting Little Blue Men
• Next message (by thread): Reporting Little Blue Men
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Start by making sure your RAS users and direct customers (your network's
edge) can only output packets that contain their valid source address.
If everyone did this, all of the world's problems would go away; Ozone
depletion, world hunger, that silly rain forest thing, Smurfs and DoS
and maybe even Microsoft! :-)


Best regards,

David Van Allen - FASTNET(tm) / You Tools Corporation
dave at fast.net (888)321-FAST(3278) http://www.fast.net
FASTNET - Business and Personal Internet Solutions 

-----Original Message-----
From: Eric Wieling [mailto:eric at ccti.net]
Sent: Tuesday, January 20, 1998 9:45 AM
To: nanog at merit.edu
Subject: Reporting Little Blue Men


Just about every night someone(s) tries to use us as the "innocent
third party" in smurf attacks.  Of course, we block and log all the
broadcast packets.

Is there any point in trying to report these attacks?  Who would we
report them to?  We don't know what the source is, after all the
address is spoofed.  It seems kind of pointless to notify the victim
-- they already know they have been smurfed.

I want to do my part to try to stop attacks, but I'm baffled on this
one.

--Eric

-- 
Eric Wieling (eric at ccti.net), Chesapeake Communications Corporation
Sales: sales at ccti.net 504-585-1850, Support: support at ccti.net
504-525-5449

We have changed our name!  Corporate Communications Technology is now
known as Chesapeake Communications Corporation.

• Previous message (by thread): Reporting Little Blue Men
• Next message (by thread): Reporting Little Blue Men
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]