Good point. -- -- Karl Denninger (karl@MCS.Net)| MCSNet - Serving Chicagoland and Wisconsin http://www.mcs.net/ | T1's from $600 monthly / All Lines K56Flex/DOV | NEW! Corporate ISDN Prices dropped by up to 50%! Voice: [+1 312 803-MCS1 x219]| EXCLUSIVE NEW FEATURE ON ALL PERSONAL ACCOUNTS Fax: [+1 312 803-4929] | *SPAMBLOCK* Technology now included at no cost On Tue, Apr 14, 1998 at 03:25:34PM -0500, Stephen Sprunk wrote:
Are we really concerned about being smurfed by a /30, or even a /27?
The essential problem is backbone class-C's, especially those in NAPs where coordination is nearly impossible. Smaller subnets tend to be in small ISPs' or customers' networks, which don't pose a threat since they lack the bandwidth for an effective attack.
Stephen
Karl Denninger wrote:
The larger problem is that subnetted /24s still are wide open. This kind of filter won't block anything from their broadcast addresses, since they're not the .255 address.
-- Stephen Sprunk "Oops." Email: sprunk@paranet.com Sprint Paranet -Albert Einstein ICBM: 33.00151N 96.82326W