UDP broadcast filters.

• Previous message (by thread): UDP broadcast filters.
• Next message (by thread): Building a NOC
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> I've kept hearing about a UDP smurf floating around and I'd like to put up
[snip]

This is nothing new, except that code for those that just want toys to
break other people's networks has been put out on bigtraq (fraggle.c).

Shut off udp services you don't need.  Re-read the last bit; in
generally, if you don't need to be running something, you're inviting
it to be abused.  Pare down to what you need.

Anyway, use "no service udp-small" in global config on a cisco.  Go into 
inetd and shut off echo and chargen on un*x boxen; review what else you
have turned on while you're at it.  Keep using "no ip directed-broadcast"
(and relatives on non-cisco gear).  

Squirting packets at open UDP ports happens; it can only get amplified
in a "smurf-like" [smurfy?; eg, meaningfully damaging] fashion if you've
got interesting combinations of echo and chargen involved. 

joe, speaking for himself as usual.

• Previous message (by thread): UDP broadcast filters.
• Next message (by thread): Building a NOC
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]