Anyone seeing ping corruption?
Sean Donelan
sean at donelan.com
Mon Dec 20 23:17:07 UTC 2021
On Mon, 20 Dec 2021, Steven Champeon wrote:
> on Mon, Dec 20, 2021 at 04:50:00PM -0500, Sean Donelan wrote:
>> Assuming (not confirmed) mitigating old-style DOS attacks. See
>> "ping of death."
>
> Are there even enough dialup connections and ancient modems left that POD
> is a thing anyone needs to worry about?

Likely not. But ICMP is spoofable, and anyone operating extremely large
attack bounce points should try to mitigate the attack potential.
Limiting ICMP responses, DNS answers, reducing SYN retries, gratuitous
firewall RSTs, etc., etc.

But I'm just guessing why Google does it. I don't know, and unless a
Googler is willing to share, we won't ever know. Sometimes I disagree with
their reasons, but Google usually has a reason.

Oh, and also every network operator should implement source address
validation (beating the dead horse, for the NANOG mail topic moderators).