Hi folks,

What say all of you to the following idea:

Block at the entry/peer router level all packets from networks which are shown to be "Smurf friendly" - that is, those network numbers and/or blocks which are smurf amplifiers (have directed broadcasts enabled)?

I was thinking of something similar to the RBL, but that doesn't quite do it; a pull-down route to a sink doesn't do you any good, since what you're after is the *source* address.

Now I know this may be entirely impractical for some folks, if for no other reason than CPU resources in those gateways. But this kind of thing would certainly send a message to those open amplifier networks in a big hurry.

Think of it as an "attractive nuisance" problem (and fix).

--
Karl Denninger (karl@MCS.Net)| MCSNet - Serving Chicagoland and Wisconsin
http://www.mcs.net/          | T1's from $600 monthly / All Lines K56Flex/DOV
                             | NEW! Corporate ISDN Prices dropped by up to 50%!
Voice: [+1 312 803-MCS1 x219]| EXCLUSIVE NEW FEATURE ON ALL PERSONAL ACCOUNTS
Fax:   [+1 312 803-4929]     | *SPAMBLOCK* Technology now included at no cost
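An added example, not part of the original post: a Python sketch of the distinction the message draws between a destination-keyed sink route and a source-address filter built from a list of amplifier networks. The prefixes and packets are constructed (documentation and private ranges), and all function names are hypothetical.

```python
import ipaddress

# Constructed sample list of "smurf friendly" networks; RFC 5737 documentation
# ranges stand in for real amplifier blocks.
AMPLIFIER_NETS = ["192.0.2.0/25", "192.0.2.128/25", "198.51.100.0/24"]

# Constructed packets arriving at the border for a local host (10.0.0.10).
PACKETS = [
    {"src": "192.0.2.77", "dst": "10.0.0.10"},     # source inside a listed network
    {"src": "198.51.100.9", "dst": "10.0.0.10"},   # source inside a listed network
    {"src": "203.0.113.200", "dst": "10.0.0.10"},  # source not on the list
]


def build_blocklist(prefixes):
    """Parse the prefixes and aggregate adjacent ones to keep the filter short."""
    nets = [ipaddress.ip_network(p, strict=True) for p in prefixes]
    return list(ipaddress.collapse_addresses(nets))


def sink_route_drops(packet, blocklist):
    """Pull-down route to a sink: the forwarding lookup keys on the destination."""
    dst = ipaddress.ip_address(packet["dst"])
    return any(dst in net for net in blocklist)


def source_filter_drops(packet, blocklist):
    """Filter at the entry/peer router: the match is on the source address."""
    src = ipaddress.ip_address(packet["src"])
    return any(src in net for net in blocklist)


def evaluate(packets, blocklist):
    """Return (source, dropped_by_sink_route, dropped_by_source_filter) per packet."""
    return [
        (p["src"], sink_route_drops(p, blocklist), source_filter_drops(p, blocklist))
        for p in packets
    ]


if __name__ == "__main__":
    blocklist = build_blocklist(AMPLIFIER_NETS)
    print("filter entries:", [str(n) for n in blocklist])
    for src, by_sink, by_filter in evaluate(PACKETS, blocklist):
        print(f"{src:15} sink-route drop={by_sink}  source-filter drop={by_filter}")
```

The sink route never matches because inbound packets from a listed network carry a local destination; only the source match drops them, and each extra filter entry is the per-packet cost the message notes for the gateways.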