source filtering

• Previous message (by thread): source filtering
• Next message (by thread): source filtering
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Jan 12, 1999 at 06:25:47PM +0000, Alex Bligh put this into my mailbox:
> 
> Is UDP smurf much in evidence? (send a UDP packet to the broadcast address
> on the echo server port and you'll either get ICMP port unreachables
> back or UDP echos). The reason I ask is that edge ICMP rate
> limiting won't help UDP.

Supposedly UDP smurf (fraggle) is becoming more popular. I haven't
seen it myself.

The only type of UDP attack I've seen has been where a user breaks
into machine on high bandwidth, fails to get root, and runs a program
that sends large amounts of huge UDP packets to a destination host.
This makes tracing the problem loads easier, and your upstream can
block out the single host.

-dalvenjah

-- 
 Dalvenjah FoxFire (aka Sven Nielsen)  The name's Bean....Mr. Bean.
 Founder, the DALnet IRC Network       
                                      
 e-mail: dalvenjah at dal.net             WWW: http://www.dal.net/~dalvenjah/
 whois: SN90                           Try DALnet! http://www.dal.net/

• Previous message (by thread): source filtering
• Next message (by thread): source filtering
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]