[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] How do I stop being smurfed?
You can't stop being the victim of a smurf attack. The reflector networks which allow directed broadcasts (large percentage appear to be govt/mil routers) are the source of the traffic and you don't have administrative control over them. What you can do is make sure you are not a reflector network and make sure that nobody on your network is infected with TFN2000. ----- Original Message ----- From: "Ejvind Kristian" <[email protected]> To: "'Tim Gollschewsky'" <[email protected]>; "Firwall-1 List" <[email protected]> Sent: Tuesday, October 03, 2000 9:15 AM Subject: RE: [FW1] How do I stop being smurfed? > > > Is there ANYTHING else I can do? > > If you've got a solaris fw-1, add > > ndd -set /dev/ip ip_forward_directed_broadcasts > ndd -set /dev/ip ip_respond_to_address_mask_broadcast > > to your startup scripts. > > If you're using Cisco's, add > > no ip directed-broadcast > > to _all_ interface sections on all routers. (IOS 12.0 > and later disables directed broadcasts by default) > > /Kristian > > ----------------------------------------- > Kristian Ejvind - [email protected] > System admin at SPP Investment Management > ----------------------------------------- > > > ================================================================================ > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================================================ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|