nanog mailing list archives
Re: [nsp] known networks for broadcast ping attacks
From: Rick Watson <rick () akbar cc utexas edu>
Date: Mon, 11 Aug 1997 21:57:31 -0500 (CDT)
Netstat Webmaster wrote:
[some text omitted] The real problem I see with this particular attack is that there is nothing short of blocking all ICMPs that 'victim.com' can do. At least not that I am aware of. Regards, Tripp webmaster@http://www.netstat.net
This does not solve the entire problem. We have been the victim of such an attack for the last several days. The attack is using up about 7 Mbits of our DS3 to Sprint or about 16%. Filtering out ICMP packets at the router we control only prevents the target host from seeing the ping replies, but does not recover the portion of our circuit occupied by the ping replies, or of Sprint's backbone circuits, or of other provider's circuits in the path, etc. The filters need to be higher up the chain. EVERYONE needs to install anti-spoof filters. I'd prefer not to be forced to filter out all pings. Everyone filtering out ICMP packets means there is a 100% successful denial of service attack on what is otherwise a very useful debugging tool (ping). Rick Watson The University of Texas, ACITS Networking Services r.watson () utexas edu
Current thread:
- Re: [nsp] known networks for broadcast ping attacks Joe Provo - Network Architect (Aug 02)
- <Possible follow-ups>
- Re: [nsp] known networks for broadcast ping attacks Rick Watson (Aug 11)
- Re: [nsp] known networks for broadcast ping attacks Jon Lewis (Aug 11)
- Re: [nsp] known networks for broadcast ping attacks Eric Wieling (Aug 11)
- Re: [nsp] known networks for broadcast ping attacks David P. Maynard (Aug 12)
- Re: [nsp] known networks for broadcast ping attacks Miquel van Smoorenburg (Aug 12)
- Re: [nsp] known networks for broadcast ping attacks Jonah Yokubaitis (Aug 11)
- Re: [nsp] known networks for broadcast ping attacks Jon Lewis (Aug 11)
- Re: [nsp] known networks for broadcast ping attacks Charles Sprickman (Aug 11)
- Re: [nsp] known networks for broadcast ping attacks Martin Cooper (Aug 12)
- Re: [nsp] known networks for broadcast ping attacks Greg Ketell (Aug 12)
- Message not available
- Re: [nsp] known networks for broadcast ping attacks Sharif Torpis (Aug 12)
- Re: [nsp] known networks for broadcast ping attacks Charles Sprickman (Aug 11)