Re: ICMP/SYN Flood

From: Sebastian Jaenicke (tsaat_private)
Date: Thu May 22 2003 - 12:39:16 PDT

Next message: Whiteside, Larry [contractor]: "RE: DDoS Attack"

Previous message: listsat_private: "Re: DDoS Attack"
In reply to: Muhammad Naseer Bhatti: "ICMP/SYN Flood"
Next in thread: CTA: "Re: ICMP/SYN Flood"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, May 22, 2003 at 07:47:21AM +0500, Muhammad Naseer Bhatti wrote:
[..]
> And the list goes oon .. The question I want to ask here, is the
> network/router poorly configured at my NOC which is allowing
> broadcasts/networks to pass through it? If so, how can I assist them to fix
> it? I am not a Cisco guru, so might need someone to give me some hints so
> that I can pass that to the poor NOC techs.

"no ip directed-broadcast" disallows packets targeted at broadcast 
addresses. Note this applies to destination, but not source IP address.
This is the default setting in Cisco IOS 12.0 and later.

- Sebastian
-- 
Sebastian Jaenicke                                   Disce aut discede!
whois pgpkey-18AC0BE4 -h whois.ripe.net|perl -ne's-^certif: +--&&print'

application/pgp-signature attachment: stored

Next message: Whiteside, Larry [contractor]: "RE: DDoS Attack"
Previous message: listsat_private: "Re: DDoS Attack"
In reply to: Muhammad Naseer Bhatti: "ICMP/SYN Flood"
Next in thread: CTA: "Re: ICMP/SYN Flood"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri May 23 2003 - 10:21:25 PDT