Smurf tone down
alex at nac.net
alex at nac.net
Sat May 1 06:15:14 UTC 1999
Hello,
To help quench the effects of smurf attacks on our network, we CEF-CAR all
ICMP on our egress points to about 200% of normal ICMP flows.
However, when a upstream becomes full of ICMP (even though we dump most of
it), it still affects our external connectivity.
My question is, why don't larger upstream providers use CEF-CAR (assuming
that most use this) do the same to limit the effect of smurf attacks on
thier (and subsequently, thier customers') networks?
The floor is open for flames.
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Atheism is a non-prophet organization. I route, therefore I am.
Alex Rubenstein, alex at nac.net, KC2BUO, ISP/C Charter Member
Father of the Network and Head Bottle-Washer
Net Access Corporation, 9 Mt. Pleasant Tpk., Denville, NJ 07834
Don't choose a spineless ISP; we have more backbone! http://www.nac.net
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
More information about the NANOG
mailing list