•
•
•How to prevent being a “bounce site” in a “Smurf” or “Fraggle”
attack:
Turn
off directed broadcasts to networks:
Cisco: Interface
command “no ip directed-broadcast”
As of 12.0, this is default (CSCdj31162)
Proteon: IP protocol
configuration “disable directed-broadcast”
Bay Networks: Set a
false static ARP address for bcast address
3Com: SETDefault -IP
CONTrol = NoFwdSubnetBcast
Use
access control lists (if necessary) to prevent ICMP echo requests from entering your
network
Configure
host machines to not reply to broadcast ICMP
echos