On Thu, Jan 22, 1998 at 10:21:46AM -0800, Justin W. Newton wrote:
At 11:41 AM 1/22/98 -0500, Eric Osborne wrote:
In other words, I can't prevent my customers from sending packets to a broadcast address, esp. on a subnet smaller than /24. You might be able to block outgoing packets for destination x.y.z.255, but if you've got a mask >/24 (/23, etc..), couldn't .255 be a valid host address?
Yes, it could be, actually. I tried to use it as WAN pool address once though and it horrendously confused the RAS, as well as several UNIX boxen on the network.
Yes, it could be, but let's remember; isn't the smurf attack the one that _depends_ on a forged _source_ IP address in order to "work"? Cheers, -- jra -- Jay R. Ashworth jra@baylink.com Member of the Technical Staff Unsolicited Commercial Emailers Sued The Suncoast Freenet "Two words: Darth Doogie." -- Jason Colby, Tampa Bay, Florida on alt.fan.heinlein +1 813 790 7592