Re: UDP broadcast filters.
I've kept hearing about a UDP smurf floating around and I'd like to put up [snip]
This is nothing new, except that code for those that just want toys to break other people's networks has been put out on bugtraq (fraggle.c). Shut off udp services you don't need. Re-read the last bit; in general, if you don't need to be running something, you're inviting it to be abused. Pare down to what you need. Anyway, use "no service udp-small" in global config on a cisco. Go into inetd and shut off echo and chargen on un*x boxen; review what else you have turned on while you're at it. Keep using "no ip directed-broadcast" (and relatives on non-cisco gear). Squirting packets at open UDP ports happens; it can only get amplified in a "smurf-like" [smurfy?; eg, meaningfully damaging] fashion if you've got interesting combinations of echo and chargen involved. joe, speaking for himself as usual.
Joe Provo - Network Architect
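The inetd side of the advice above, as an added audit helper that is not part of the original post: it lists the active UDP small-service entries (echo, chargen, and the related discard/daytime/time) in an inetd.conf and emits a copy with them commented out. The inetd.conf content is constructed here for illustration; the Cisco side ("no service udp-small-servers", "no ip directed-broadcast") is router configuration and is not covered by the script.

```shell
#!/bin/sh
# Audit an inetd.conf for the UDP "small services" that a reflector can
# bounce traffic off (echo<->chargen is the pairing that amplifies worst),
# and produce a hardened copy with those entries commented out.

SMALL_SERVICES='echo|chargen|discard|daytime|time'

# Print the active (uncommented) lines that enable a small service over UDP.
# Reads inetd.conf content on stdin. Commented-out lines are ignored.
list_udp_small_services() {
    grep -E "^[[:space:]]*(${SMALL_SERVICES})[[:space:]]+dgram[[:space:]]+udp"
}

# Emit the same config with every such line commented out (hardened copy).
disable_udp_small_services() {
    sed -E "s/^([[:space:]]*(${SMALL_SERVICES})[[:space:]]+dgram[[:space:]]+udp.*)$/#\1/"
}

# Constructed sample inetd.conf (not taken from any real host).
SAMPLE_INETD_CONF='# inetd.conf sample
ftp     stream  tcp     nowait  root    /usr/libexec/ftpd       ftpd -l
echo    stream  tcp     nowait  root    internal
echo    dgram   udp     wait    root    internal
chargen dgram   udp     wait    root    internal
#discard dgram  udp     wait    root    internal
daytime dgram   udp     wait    root    internal'

# Number of active UDP small-service entries in the sample before hardening.
count_before_hardening() {
    printf '%s\n' "$SAMPLE_INETD_CONF" | list_udp_small_services | wc -l | tr -d ' '
}

# Number remaining after the hardened copy is re-audited (should be zero).
count_after_hardening() {
    printf '%s\n' "$SAMPLE_INETD_CONF" | disable_udp_small_services \
        | list_udp_small_services | wc -l | tr -d ' '
}

echo "active UDP small services before: $(count_before_hardening)"
echo "active UDP small services after:  $(count_after_hardening)"
echo "--- hardened copy ---"
printf '%s\n' "$SAMPLE_INETD_CONF" | disable_udp_small_services
```

Against a real host, replace the constructed sample with `list_udp_small_services < /etc/inetd.conf` and restart inetd after editing the file.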