[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re[2]: [FW1] How do I stop being smurfed?
Hello Tom, Tuesday, October 03, 2000, 5:30:02 PM, you wrote: RT> I am truly concerned that your ISP is not helping you with this situation. RT> I don't understand how a router, on YOUR network, configured with filtering RT> to stop an attack, can affect other customers. (The router and dsu are on RT> YOUR site, right? The only traffic coming to and from THAT router is yours, RT> right?) In my last shop, WE managed the small router (Cisco 2500) connected RT> to our ISP. The filtering you want is not a major problem. I think you RT> should pursue this to the highest level at the ISP. I think the "Internet RT> Industry" in general would be OUTRAGED, that you have identified an attack, RT> and your ISP offers NO assistance, when the fix is obvious. Just my two RT> cents... Smurf attack is aimed at the bandwidth. It is useless to put accesslist on YOUR router, since the hostile traffic reaches your pipe and saturates it. The ACL has to be BEFORE your router, eg at your ISP's main router. It should even be put BEFORE your Isp (at your ISP's carriers) to be perfectly effective. And since this traffic is spoofed, it also means that your ISP would cut itself from half of the world (if the attacker is clever, he spoofs high traffic places ;) And your ISP refuses to put access lists ("it affects other customers") beause an ACL slows down the router, is a CPU hog, and they would slow down their entire company just to avoid you beeing smurfed. (And could cut themselves from major sites if the traffic is spoofed.) I'm telling you they are right to do so, I'm just telling you the real-life facts. -- Best regards, Cedric mailto:[email protected] ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|