That would make you one of the (few) Good Guys! Dave Van Allen -----Original Message----- From: Eric Wieling [mailto:eric@ccti.net] Sent: Wednesday, January 21, 1998 4:34 PM To: nanog@merit.edu Subject: Re: Reporting Little Blue Men On Tue, Jan 20, 1998 at 07:50:16PM -0500, Dave Van Allen wrote:
Start by making sure your RAS users and direct customers (your network's edge) can only output packets that contain their valid source address. If everyone did this, all of the world's problems would go away; Ozone depletion, world hunger, that silly rain forest thing, Smurfs and DoS and maybe even Microsoft! :-)
We prevent ANY packets to or from our network with a broadcast address. We don't filter on a per-machine basis for address spoofing, but ALL packets leaving our network must have a valid address on our network. Basically, one user on our network can spoof another user on our network, but no users can spoof addresses that are not on our network. --Eric -- Eric Wieling (eric@ccti.net), Chesapeake Communications Corporation Sales: sales@ccti.net 504-585-1850, Support: support@ccti.net 504-535-5449 We have changed our name! Corporate Communications Technology is now known as Chesapeake Communications Corporation.