ICANN Targets DDoS Attacks
Crist J. Clark
crist.clark at attbi.com
Wed Oct 30 21:35:38 UTC 2002
On Tue, 29 Oct 2002 16:00:06 -0500, Valdis.Kletnieks at vt.edu wrote,
> On Tue, 29 Oct 2002 12:48:39 PST, Jeff Shultz said:
>
> > >Smurf.
>
> > Okay. What will this do to my user's ping and traceroute times, if
> > anything? I've got users who tend to panic if their latency hits 250ms
> > between here and the moon (slight exaggeration, but only slight).
> >
> > I just love it when I've got people blaming me because the 20th hop on
> > a traceroute starts returning * * * instead of times.
>
> So you rate limit it to several/second or something appropriate for the normal
> traffic levels. You don't allow ping/traceroute to broadcast addresses.
On the classless Internet, how does any router know what is or is not
a broadcast address when the final destination is not local?
--
Crist J. Clark | cjclark at alum.mit.edu
| cjclark at jhu.edu
http://people.freebsd.org/~cjc/ | cjc at freebsd.org
More information about the NANOG
mailing list