Re: Smurf Attack

From: Huang Laurence (huangyinxiao@gmail.com)
Date: Mon Mar 12 2007 - 20:02:10 ART

• Next message: ian: "Re: Re: Port-security"
• Previous message: ian: "Re: RE: Lock&key"
• Maybe in reply to: huangyinxiao@gmail.com: "Smurf Attack"
• Next in thread: Edouard Zorrilla: "Re: Smurf Attack"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Thanks Zorrilla,

I have a question that Why you include this network address ' 0.0.0.0
255.255.255.0 ' in your access list. I can understand that '0.0.0.255
255.255.255.0 ' is broadcast address which smurf attack used, but what does
this '0.0.0.255 255.255.255.0' mean?

Thanks all,

Laurence

On 12/03/07, Edouard Zorrilla <ezorrilla@tsf.com.pe> wrote:
>
> One way could be:
>
> Rack1R2#sh access-lists
> Extended IP access list SMURF-ATTACk
> 10 permit icmp any 0.0.0.0 255.255.255.0 echo log-input
> 20 permit icmp any 0.0.0.255 255.255.255.0 echo log-input
> 30 permit icmp any any echo-reply log-input
> 40 permit ip any any
> Rack1R2#
>
> Regards
>
> ----- Original Message -----
> From: <huangyinxiao@gmail.com>
> To: <ccielab@groupstudy.com>
> Sent: Monday, March 12, 2007 3:19 AM
> Subject: Smurf Attack
>
>
> > Dear all,
> >
> > How can I define a smurf attack using ip access list?
> >
> > Regards,
> >
> > Laurence
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html

• Next message: ian: "Re: Re: Port-security"
• Previous message: ian: "Re: RE: Lock&key"
• Maybe in reply to: huangyinxiao@gmail.com: "Smurf Attack"
• Next in thread: Edouard Zorrilla: "Re: Smurf Attack"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Apr 01 2007 - 06:35:51 ART