Anyone seeing ping corruption?

Sean Donelan sean at donelan.com
Mon Dec 20 23:17:07 UTC 2021


On Mon, 20 Dec 2021, Steven Champeon wrote:
> on Mon, Dec 20, 2021 at 04:50:00PM -0500, Sean Donelan wrote:
>> Assuming (not confirmed) mitigating old-style DOS attacks.  See
>> "ping of death."
>
> Are there even enough dialup connections and ancient modems left that POD
> is a thing anyone needs to worry about?

Likely not.  But ICMP is spoofable, and anyone operating extremely large
attack bounce points should try to mitigate the attack potential.
Limiting ICMP responses, DNS answers, reducing SYN retries, gratuitous
firewall RSTs, etc, etc.

But I'm just guessing why Google does it.  I don't know, and unless a
Googler is willing to share, we won't ever know. Sometimes I disagree with
their reasons, but Google usually has a reason.

Oh, and also every network operator should implement source address 
validation (beating the dead horse, for the nanog mail topic moderators).


