Re: DoS help

[RandallM <randallm () fidmail com>]

> ----------------------------------------------------------------------
>
> Message: 1
> Date: Tue, 9 Nov 2010 02:18:09 -0500 (EST)
> From: der Mouse <mouse () Rodents-Montreal ORG>
> Subject: Re: [funsec] DoS help
> To: funsec () linuxbox org
> Message-ID: <201011090718.CAA14998 () Sparkle Rodents-Montreal ORG>
> Content-Type: text/plain; charset="iso-8859-1"
>
> > > about two hours of it in the afternoon (I've never experienced where
> > > it hit the whole damn thing X.X.X.255)
>
> > [...] I'll bite just in case someone who actually has this problem
> > runs into the thread on Google;
>
> > Above scenario is indicative of a network being an intermediary in a
> > UDP broadcast amplification attack, i.e. fraggle.
>
> ...and, in most cases, a suitable defense is to make sure that the
> router(s) into that broadcast domain don't forward directed broadcast
> traffic, ie, traffic which is not a broadcast on the network the router
> receives it on but is a broadcast on the network it would otherwise be
> sent to.  (Most networks have no use for such traffic and most routers
> can be configured this way; indeed, I think some can't be made to
> behave any other way.)
>
> /~\ The ASCII                             Mouse
> \ / Ribbon Campaign
>  X  Against HTML                mouse () rodents-montreal org
> / \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

"don't forwared".

the shitty part here is SBC has the cisco internet access router. I
can't do crap. and now they tell me I have to talk to them about a
threat management service.



-- 
been great, thanks
RandyM
a.k.a System

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.