Reporting Little Blue Men

Jay R. Ashworth jra at scfn.thpl.lib.fl.us
Fri Jan 23 00:09:47 UTC 1998


On Thu, Jan 22, 1998 at 10:21:46AM -0800, Justin W. Newton wrote:
> At 11:41 AM 1/22/98 -0500, Eric Osborne wrote:
> >In other words, I can't prevent my customers from sending packets to
> >a broadcast address, esp. on a subnet smaller than /24.  You might be
> >able to block outgoing packets for destination x.y.z.255, but if you've got
> >a mask >/24 (/23, etc..), couldn't .255 be a valid host address?
> 
> Yes, it could be, actually.  I tried to use it as WAN pool address once
> though and it horrendously confused the RAS, as well as several UNIX boxen
> on the network.

Yes, it could be, but let's remember; isn't the smurf attack the one
that _depends_ on a forged _source_ IP address in order to "work"?

Cheers,
-- jra
-- 
Jay R. Ashworth                                                jra at baylink.com
Member of the Technical Staff             Unsolicited Commercial Emailers Sued
The Suncoast Freenet      "Two words: Darth Doogie."  -- Jason Colby,
Tampa Bay, Florida             on alt.fan.heinlein              +1 813 790 7592



More information about the NANOG mailing list