That's right, udp echo is called Fraggle attack. Message: 7 > Date: Tue, 5 Jun 2012 08:15:24 -0400 > From: Fawad Khan <[email protected]> > To: Matt Hill <[email protected]> > Cc: "[email protected]" > <[email protected]> > Subject: Re: [OSL | CCIE_Security] Blocking flood attack on an > interface > Message-ID: > <caccj_th-cn_p_ww2oasefnxzd42w4osjzlj31sqaher2jnu...@mail.gmail.com > > > Content-Type: text/plain; charset="iso-8859-1" > > UDp one is fragile I think. > > On Tuesday, June 5, 2012, Matt Hill wrote: > > > That got me thinking... does a smurf attack have to be ICMP, or can it be > > UDP? > > > > I think it can be UDP too, because the point is using the directed > > bcast address? > > > > Thoughts? > > > > On 5 June 2012 21:58, Matt Hill <[email protected] <javascript:;>> > wrote: > > > Probably not.. The attack could be a UDP flood. > > > > > > On 5 June 2012 21:35, Fawad Khan <[email protected] <javascript:;>> > > wrote: > > >> How about blocking echo and echo-reply as well, one coul be victim or > > >> reflector. > > >> > > >> > > >> On Tuesday, June 5, 2012, Matt Hill wrote: > > >>> > > >>> Off the top of my head... An ACL with the broadcast address as the > > >>> destination? (???) > > >>> > > >>> Cheers, > > >>> Matt > > >>> > > >>> CCIE #22386 > > >>> CCSI #31207 > > >>> > > >>> On 5 June 2012 18:03, Kingsley Charles <[email protected] > <javascript:;>> > > wrote: > > >>> > Hi all > > >>> > > > >>> > How do we block smurf attacks on an interface other than using "no > ip > > >>> > directed-broadcast"? I can't think of any other commands. > > >>> > > > >>> > > > >>> > With regards > > >>> > Kings > > >>> > > > >>> > _______________________________________________ > > >>> > For more information regarding industry leading CCIE Lab training, > > >>> > please > > >>> > visit www.ipexpert.com > > >>> > > > >>> > Are you a CCNP or CCIE and looking for a job? Check out > > >>> > www.PlatinumPlacement.com > > >>> _______________________________________________ > > >>> For more information regarding industry leading CCIE Lab training, > > please > > >>> visit www.ipexpert.com > > >>> > > >>> Are you a CCNP or CCIE and looking for a job? Check out > > >>> www.PlatinumPlacement.com > > >> > > >> > > >> > > >> -- > > >> FNK > > > > > -- > FNK > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: > </archives/ccie_security/attachments/20120605/39da4f96/attachment.html> > > End of CCIE_Security Digest, Vol 72, Issue 15 > ********************************************* >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
