I think I would agree that the no ip-directed broadcast command is the
way to go here. It has the additional advantage of preventing the Fraggle
attack also as the command would drop packets based on the IP address not
the protocol so both ICMP and UDP (and TCP etc for that matter) would be
Hi all
How do we block smurf attacks on an interface other than using no ip
directed-broadcast? I can't think of any other commands.
With regards
Kings
___
For more information regarding industry leading CCIE Lab training, please visit
How about blocking echo and echo-reply as well, one coul be victim or
reflector.
On Tuesday, June 5, 2012, Matt Hill wrote:
Off the top of my head... An ACL with the broadcast address as the
destination? (???)
Cheers,
Matt
CCIE #22386
CCSI #31207
On 5 June 2012 18:03, Kingsley Charles
Probably not.. The attack could be a UDP flood.
On 5 June 2012 21:35, Fawad Khan fawa...@gmail.com wrote:
How about blocking echo and echo-reply as well, one coul be victim or
reflector.
On Tuesday, June 5, 2012, Matt Hill wrote:
Off the top of my head... An ACL with the broadcast
That got me thinking... does a smurf attack have to be ICMP, or can it be UDP?
I think it can be UDP too, because the point is using the directed
bcast address?
Thoughts?
On 5 June 2012 21:58, Matt Hill mayd...@gmail.com wrote:
Probably not.. The attack could be a UDP flood.
On 5 June 2012
UDp one is fragile I think.
On Tuesday, June 5, 2012, Matt Hill wrote:
That got me thinking... does a smurf attack have to be ICMP, or can it be
UDP?
I think it can be UDP too, because the point is using the directed
bcast address?
Thoughts?
On 5 June 2012 21:58, Matt Hill
Subject: Re: [OSL | CCIE_Security] Blocking flood attack on an interface
Not ACL but some interface command should be the answer. I just saw this
question floating...
With regards
Kings
On Tue, Jun 5, 2012 at 2:58 PM, Matt Hill mayd...@gmail.com wrote:
Off the top of my head... An ACL
A lot depends on the question. It would be mentioned in he question how to
resolve it, there would be some clear hints.
Don't believe on the answers posted on the forums for floating questions. A
lot of those wanna bees are pretty down low in technology and they are just
posting anything that
: elizabeth...@hotmail.co.uk
To: kingsley.char...@gmail.com; mayd...@gmail.com
Date: Tue, 5 Jun 2012 12:59:35 +
CC: ccie_security@onlinestudylist.com
Subject: Re: [OSL | CCIE_Security] Blocking flood attack on an interface
how about using the 'ip verify unicast reverse-path' command
, 5 Jun 2012 09:37:55 -0400
From: fawa...@gmail.com
To: kingsley.char...@gmail.com
CC: ccie_security@onlinestudylist.com
Subject: Re: [OSL | CCIE_Security] Blocking flood attack on an interface
A lot depends on the question. It would be mentioned in he question how to
resolve it, there would
That's right, udp echo is called Fraggle attack.
Message: 7
Date: Tue, 5 Jun 2012 08:15:24 -0400
From: Fawad Khan fawa...@gmail.com
To: Matt Hill mayd...@gmail.com
Cc: ccie_security@onlinestudylist.com
ccie_security@onlinestudylist.com
Subject: Re: [OSL | CCIE_Security] Blocking
2012 14:17:29 -0400
Subject: Re: [OSL | CCIE_Security] Blocking flood attack on an interface
From: fawa...@gmail.com javascript:_e({}, 'cvml', 'fawa...@gmail.com');
To: elizabeth...@hotmail.co.uk javascript:_e({}, 'cvml',
'elizabeth...@hotmail.co.uk');
CC: ccie_security@onlinestudylist.com
Oh, no CCIE Number that you actually passed! Just Blah, blah
What a waist of space
Date: Tue, 5 Jun 2012 15:10:53 -0400
Subject: Re: [OSL | CCIE_Security] Blocking flood attack on an interface
From: fawa...@gmail.com
To: elizabeth...@hotmail.co.uk
CC: ccie_security
: [OSL | CCIE_Security] Blocking flood attack on an interface
A lot depends on the question. It would be mentioned in he question how to
resolve it, there would be some clear hints.
Don't believe on the answers posted on the forums for floating questions. A lot
of those wanna bees are pretty down low
14 matches
Mail list logo