From: Edouard Zorrilla (ezorrilla@tsf.com.pe)
Date: Tue Mar 13 2007 - 00:36:33 ART
Take a look at this: http://www.cisco.com:80/warp/public/707/22.html
However from my understanding some OS understand a *.*.*.255 as a brodcast
address, that is why I include this here,
Regards
----- Original Message -----
From: Huang Laurence
To: Edouard Zorrilla
Cc: ccielab@groupstudy.com
Sent: Monday, March 12, 2007 6:02 PM
Subject: Re: Smurf Attack
Thanks Zorrilla,
I have a question that Why you include this network address ' 0.0.0.0
255.255.255.0 ' in your access list. I can understand that '0.0.0.255
255.255.255.0 ' is broadcast address which smurf attack used, but what does
this '0.0.0.255 255.255.255.0' mean?
Thanks all,
Laurence
On 12/03/07, Edouard Zorrilla <ezorrilla@tsf.com.pe> wrote:
One way could be:
Rack1R2#sh access-lists
Extended IP access list SMURF-ATTACk
10 permit icmp any 0.0.0.0 255.255.255.0 echo log-input
20 permit icmp any 0.0.0.255 255.255.255.0 echo log-input
30 permit icmp any any echo-reply log-input
40 permit ip any any
Rack1R2#
Regards
----- Original Message -----
From: <huangyinxiao@gmail.com>
To: <ccielab@groupstudy.com>
Sent: Monday, March 12, 2007 3:19 AM
Subject: Smurf Attack
> Dear all,
>
> How can I define a smurf attack using ip access list?
>
> Regards,
>
> Laurence
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sun Apr 01 2007 - 06:35:51 ART