From: Victor Cappuccio (vcappuccio@gmail.com)
Date: Thu Oct 30 2008 - 00:03:28 ARST
one of the best resource published in my opinion
http://www.netmasterclass.net/site/articles/A%20Brief%20Description%20of%20an%20ICMP%20Flood%20Attack.pdf
On Wed, Oct 29, 2008 at 8:34 PM, Michael Dorion <dorionm@gmail.com> wrote:
> I have looked for it myself and was unable to find it. I think its just one
> of those things you have to know from your network experience.
> Here is a document on CCO that may be useful.
>
> "No ip directed-broadcasts" would be a good way to prevent it, however, you
> don't always have control of all entry points on a broadcast segment, so it
> would not be applicable for traffic that is not traversing the router
> itself.
>
>
> http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a0080149ad6.shtml
>
> NOTICE that when the router is being attacked, the ACL entry being hit by
> the DoS traffic is:
>
> permit icmp any any echo-reply (21374 matches)
>
>
> Hope this helps.
> -Mike
>
> On Wed, Oct 29, 2008 at 9:11 AM, Hash Aminu <hashng@gmail.com> wrote:
>
> > Hi guy,
> >
> > Anybody knows where smurf attack is documented on the DocCD...may be a
> > config example or something like that .
> >
> >
> > TIA
> >
> > Hash
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>
-- Victor Cappuccio CCIE R/S# 20657 CCSI# 30452 www.anetworkerblog.comBlogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Sat Nov 01 2008 - 15:35:23 ARST