Re: smurf attack.

From: Colin Coller <colin_at_no.spam.please>
Date: Mon Dec 29 1997 - 18:01:49 CST

On Mon, 29 Dec 1997, Highbit wrote:

> sasktel is working on fixing it, hopefully by simply NOT forwarding in
> broadcast icmp echo requests to us adsl'ers.

good to hear.

> in the last 24 hours. thats friggin rediculous. i'd be willing to be
> its someone on irc that's amusing himself by ping-flooding people off
> irc. (given by the short durations of the attacks, and that alot of the
> victim ip's tend to be dialup ppp lines)

i'm not one to make unfair generalizations, but everyone on irc is an
idiot. :)

> can someone confirm that one HAS to be inside our adsl subnet to do the
> attack, i was under the impression that anyone outside our subnet would
> be able to do the attack (would we be able to snag the hardware ethernet
> "mac" address if the attacker were actually in our subnet?..would only
> be usefull to prove/disprove suspects)

no, you can smurf other subnets, but the destination address in my case
was this means that either the attacker is on my subnet
or sasktel's routers are fucked.

> i can only hope that sasktel will fix it, and given the mail i've received so
> far from them, they want it fixed as much as we do. at least i havent seen
> an attack since 11:25am today (2:10pm as a write this)

you get mail from sasktel? sasktel geeks? sasktel geeks who know what's
going on? share and enjoy. i'm sick of being constrained by's
hours for technical support. :p

Received on Mon Dec 29 18:01:49 1997

This archive was generated by hypermail 2.1.8 : Sun Jan 09 2005 - 13:53:47 CST