Access-list for Smurf Attack : Which one is to be used in the

From: C D (scdman@gmail.com)
Date: Fri Feb 22 2008 - 16:58:55 ARST

Hi Group,

Here are the 2 access-list we can use for preventing DoS for Smurf attack,
do you have any suggestion on whether to use the access-list 111 or 169 in
the exam.

access-list 111 permit icmp any 0.0.0.255 255.255.255.0 echo
access-list 111 permit icmp any 0.0.0.0 255.255.255.0 echo
access-list 111 permit icmp any 0.0.0.255 255.255.255.0 echo-reply
access-list 111 permit icmp any 0.0.0.0 255.255.255.0 echo-reply
access-list 111 permit udp any 0.0.0.255 255.255.255.0 eq echo
access-list 111 permit udp any 0.0.0.0 255.255.255.0 eq echo
access-list 111 permit udp any eq echo 0.0.0.255 255.255.255.0
access-list 111 permit udp any eq echo 0.0.0.0 255.255.255.0

access-list 169 permit icmp any any echo
access-list 169 permit icmp any any echo-reply
access-list 169 permit udp any any eq echo
access-list 169 permit udp any eq echo any

Thanks and Regards
SCD

This archive was generated by hypermail 2.1.4 : Sat Mar 01 2008 - 16:54:49 ARST