Re: smurf attack

To: debian-firewall@lists.debian.org
Subject: Re: smurf attack
From: Frederik Schueler <fs@lowpingbastards.de>
Date: Thu, 23 May 2002 11:16:03 +0200
Message-id: <[🔎] 20020523091603.GC954@lowpingbastards.de>
In-reply-to: <[🔎] OBCADHONLEOFIAAA@mailcity.com>
References: <[🔎] OBCADHONLEOFIAAA@mailcity.com>

Hi,

On Thu, May 23, 2002 at 01:59:35AM -0700, sim ton wrote:
> hi,
> i need some advise
> 
> does this line help me to protect well against smurf attack :
> echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts # No Smurf amplifying

This stops your hosts from being misused to execute smurf attacks
against others. It should always be set if your router does not drop
them.

> is there a better solution ?

Disabling icmp echo replys to your hosts on the backbone. there is no
other way, AFAIK.

Denying icmp on your local firewalls does not keep others from
saturating your connection.

HTH
Frederik Schüler

-- 
To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- smurf attack
  - From: "sim ton" <firewall38@lycos.com>

Prev by Date: smurf attack
Next by Date: scanning ports
Previous by thread: smurf attack
Next by thread: Re: smurf attack
Index(es):
- Date
- Thread