HELP:SMURF ATTACK

From: cscoitit cscoitit (cscoitit@yahoo.ca)
Date: Fri Nov 04 2005 - 23:06:50 GMT-3

• Next message: serge Hacobian: "multicast timers on cisco router's"
• Previous message: Scott Morris: "RE: Frame Relay DLCI numbers"
• Next in thread: pwellington: "Re: HELP:SMURF ATTACK"
• Maybe reply: pwellington: "Re: HELP:SMURF ATTACK"
• Maybe reply: Chris Lewis: "Re: HELP:SMURF ATTACK"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi Friends,
 
I have a doubt in smurf attack. How do I log the smurf attack on the interface. In the web smarf attack is defined as icmp echo requests to specific directed broadcast address specifying false source address(victim). ****Do we have to define udp in the access list or is icmp is enough***
I will be writing my exam next week.
 
my configs as follows:
acl 101 permit icmp any any eq echo log
acl 101 permit icmp any any eq echo-reply log
acl 101 permit ip any any
 
ip access-group 101 in
 
 
 

                
---------------------------------
Find your next car at Yahoo! Canada Autos

• Next message: serge Hacobian: "multicast timers on cisco router's"
• Previous message: Scott Morris: "RE: Frame Relay DLCI numbers"
• Next in thread: pwellington: "Re: HELP:SMURF ATTACK"
• Maybe reply: pwellington: "Re: HELP:SMURF ATTACK"
• Maybe reply: Chris Lewis: "Re: HELP:SMURF ATTACK"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Dec 01 2005 - 09:12:05 GMT-3