15 Apr
1998
15 Apr
'98
midnight
Stephen Sprunk writes:
If you have a suggestion for "removing the attack possibility in its entirety," please tell us. So far, nobody's come up with one.
SMURF'ing depends on spoofed source addresses, so the appropriate filter is customer (and if your can afford it peer) ingress, not network egress. Anyone willing to install a *.255 filter should instead eliminate directed-broadcast response, and validate packets they will accept.