North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: SMURF amplifier block list
> What about people who didn't subnet their class B on the eight bit > boundry, but made larger subnets instead? What about the class B that > doesn't appear to be subnetted at all? What about supernetted class C > networks? A trailing .255 can be a valid host. And what's worng? If they di nit subnet their B network, the tail of address should be .255 too. If someone have particular .255 host - OK, you should not be able to ping it, not more. The small fee for the free-of-smurfing-from-your-network. > > Why don't use the filter > > > > deny icmp any 0.0.0.255 255.255.255.0 echo-request Just now, USA's ISP seems to be absolutely helpless facing SMURF. A lot of networks do not block aroadcast echo-request's; no one even know how to trace thos 'echo-request' packets by their network... may be I am wrong, and it's because there is _a lot of ISP_ there, and even a few af them who do not know how to fight against SMURF compose a good backet - I do not know. Really; does anyone know any sucsessfull attempts to search for the smurfer? What penalty was provided for this hackers? Does exist some legitimate way to establish a lawsuite against them (when they'll be located - last is the only matter of qualification for their nearest ISP, not more).