13 Oct
2000
13 Oct
'00
11:20 p.m.
John Fraizer writes:
If someone doesn't want people sending ICMP echo-request to their network, they need to block it at the borders. If they do that, even if they have amp nets inside, they won't be available for abuse from the outside.
Only from ICMP echo-request based DDoS', others will still be available. They'd have to block all traffic to their broadcast addresses, which is pretty much what ``no directed broadcast'' does anyway.
In any case, I find scanning for SMURF amps and scanning for vulnerabilities to be quite different.
Can't say I agree, since in fact they are both "vulnerabilities". This is already too damn close to the usual thread about the other active scan for my comfort. /mark