RE: smurf attack

From: mani poopal (mani_ccie@yahoo.com)
Date: Tue May 10 2005 - 00:28:03 GMT-3

• Next message: Security Candidate: "RE: smurf attack"
• Previous message: Brian McGahan: "RE: IE Workbook Vol II"
• Maybe in reply to: mani poopal: "smurf attack"
• Next in thread: Security Candidate: "RE: smurf attack"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi Tony,
 
I think the "ip verify unicast reverse-path" command stops packets from sources of ip address not in the routing table. ie: without verifiable source address. But this major network is in the routing table of the router, so how this command stops the smurf attack
 
thanks
 
Mani

Tony Schaffran <groupstudy@cconlinelabs.com> wrote:
Here is the best way to stop a smurf attack.

ip verify unicast reverse-path

The access list was used to filter spoofed IP packets before this command
was introduced.

Tony Schaffran
Network Analyst
CCIE #11071
CCNP, CCNA, CCDA,
NNCDS, NNCSS, CNE, MCSE

www.cconlinelabs.com
Your #1 choice for online Cisco rack rentals.

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Tony
Schaffran
Sent: Monday, May 09, 2005 6:52 PM
To: 'Tony Schaffran'; 'mani poopal'; ccielab@groupstudy.com
Subject: RE: smurf attack

Disregard my last.

I was thinking of another attack.

Tony Schaffran
Network Analyst
CCIE #11071
CCNP, CCNA, CCDA,
NNCDS, NNCSS, CNE, MCSE

www.cconlinelabs.com
Your #1 choice for online Cisco rack rentals.

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Tony
Schaffran
Sent: Monday, May 09, 2005 6:48 PM
To: 'mani poopal'; ccielab@groupstudy.com
Subject: RE: smurf attack

You need to understand what a SMURF attack is before you can know how to
stop it.

Google it.

Tony Schaffran
Network Analyst
CCIE #11071
CCNP, CCNA, CCDA,
NNCDS, NNCSS, CNE, MCSE

www.cconlinelabs.com
Your #1 choice for online Cisco rack rentals.

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of mani
poopal
Sent: Monday, May 09, 2005 6:27 PM
To: ccielab@groupstudy.com
Subject: smurf attack

Hi Group,

If your network(150.15.0.0/16) is subjected to smurf attack how do you
prevent it. Is it attck by inturder stealing your own ip address. Is the
following config is enough to stop the smurf attack.

access-list 101 deny ip 150.15.0.0 0.0.255.255 any
access-list 101 permit ip any any

int s 0
ip access-group 101 in

thanks

Mani

B.ENG,A+,CCNA,CCNP,CCNP-VOICE, CSS1,CNA,MCSE
(416)431 9929
MANI_CCIE@YAHOO.COM

• Next message: Security Candidate: "RE: smurf attack"
• Previous message: Brian McGahan: "RE: IE Workbook Vol II"
• Maybe in reply to: mani poopal: "smurf attack"
• Next in thread: Security Candidate: "RE: smurf attack"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Jun 03 2005 - 10:11:57 GMT-3