Smurf Amp Nets
Richard Thomas
buglord at ex-pressnet.com
Thu Jun 18 17:09:05 UTC 1998
-----Original Message-----
From: Jon Lewis <jlewis at inorganic5.fdt.net>
To: Oystein Homelien <oystein at homelien.no>
Cc: Andrew Herdman <andrew at whine.com>; nanog at merit.net <nanog at merit.net>
Date: Wednesday, June 17, 1998 7:51 PM
Subject: Re: Smurf Amp Nets
>On Thu, 18 Jun 1998, Oystein Homelien wrote:
>
>> You need to push the "probe=" parameter to the cgi as well. What you are
>> doing above is merely looking up already-registered networks in the SAR
>> database. Again, you are NOT probing the networks through the SAR by
>> running the above lynx command!
>>
>> To do what you want, you must use URLs of this form:
>>
>> http://www.powertech.no/smurf/probe.cgi?network=1.2.3.4&probe=PROBE
>
>ack! I somehow missed that when pasting the URL from Netscape into my
>editor. Here's an updated version. Chris Bongaarts <cab at tc.umn.edu> sent
>the 172.16/12 regex I was too lazy to include before.
>
>#!/usr/bin/perl
>
>while (<STDIN>) {
> ($net,$junk)=split /:/,$_,2;
> if (($net=~/\d+\.\d+.\d+/) &&
>
!($net=~/^(0\.)|(10\.)|(192\.168)|(172\.((1[6-9])|(2[0-9])|(3[01]))\.)|(255\
.255\.255)/)){
> system("lynx -dump 'http://www.powertech.no/smurf/probe.cgi?network=$net&probe=PROBE'");
> }
> elsif ($net=~/---/) {
> die "\ndone.\n";
> }
>}
>
>I'm using this to make sure all the nets I recently posted about are
>registered. Based on the times reported by SAR, I think I'll be adding a
>bunch of new nets to it.
Might want to add a delay considering the amount of bandwidth they will be receiving if they tried to send out all those probes at once. In a previous message it was stated that a probe uses 4x64bytes, plus amplification by the broadcasts. I just took the SAR offline for about 4 minutes while trying running a SMALL portion of my bcasts through your script on my 28.8k modem, and it didn't even come close to completing that portion. That fact aside you won't get very accurate results if the SAR is so flooded it can't receive the replies. I would suggest they use ping
-s 1 or -s 8 if the timing information is desired.
More information about the NANOG
mailing list