Prevention Techniques (cont’d)
How to prevent being a “bounce site” in a
“Smurf” or “Fraggle” attack:
Turn off directed broadcasts to networks:
Cisco:  Interface command “no ip directed-broadcast”
As of 12.0, this is default (CSCdj31162)
Proteon:  IP protocol configuration “disable directed-broadcast”
Bay Networks:  Set a false static ARP address for bcast address
3Com:  SETDefault -IP CONTrol = NoFwdSubnetBcast
Use access control lists (if necessary) to prevent
ICMP echo requests from entering your network
Configure host machines to not reply to broadcast
ICMP echos