Hi all Today I noticed that my broadcast IP-Address got apparently floodpinged from UltraDNS, causing my ADSL-Upstream to be saturated by ICMP-Replies from all my machines for several hours.
After contacting them it was clear, that this was a SMURF attack against the info. g-tld server. (Spoofed source IP pings) They also told me that a router should not allow pinging of broadcast addresses. I assume all the routed adsl installations that use the common ZyXEL 642 series router have the same potential to be abused for ddos smurf attacks. I added a drop rule for icmp to my broadcast address in my zyxels filter set, but this is not a default rule. Isn't there a way to solve that problem on the isp level? Benoit Panizzon Please send your spam to [EMAIL PROTECTED] This will prevent me from getting more spam from you. ---------------------------------------------- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/
