Ascend Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: (ASCEND) Anti Smurf enabling
When/If they get it fixed, I would hope that the make the Forward directed
Bcast option set to No by default. With all the problems we've had trying
to contact people and get them to fix their routers, I think it's just
best if people have to specificly set it to Yes for their operations than
to have to constantly bug them to set it to No to protect the rest of the
net. I would guess that a MAX40xx or two wouldn't be too bad but a high
density TNT box could be trouble.
Regards,
Joe Shaw - jshaw@insync.net
NetAdmin - Insync Internet Services
Fortune: 43rd Law of Computing: Anything that can go wr
fortune: Segmentation violation -- Core dumped
On Wed, 29 Apr 1998, Andre Beck wrote:
> You need a 6.x firmware. Then just say "Forward directed Bcast=No" in
> Mod config. You my as well say "Reply directed Bcast Ping=No" to prevent
> the Max from answering bcast pings. But with "Forward directed Bcast=No"
> be sure to verify that your routing is still operative. There was some
> awkward bug in the last release where we checked this, to the effect that
> this setting did not only filter out directed bcasts to be forwarded, but
> also those originated on the boxes like - imagine - RIP. Short said, if
> your RIP is R.I.P. after setting this to No, you will either have a real
> reason to switch to RIPv2 Multicast or will need to keep this option
> on Yes and write your own filter until this is fixed.
>
> | o | Andre' Beck (ABPSoft) AB10-RIPE XLink PoP Dresden | o |
++ Ascend Users Mailing List ++
To unsubscribe: send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd: <http://www.nealis.net/ascend/faq>
Follow-Ups:
References: