 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| • |
How
to prevent being a “bounce site” in a
|
|
|
“Smurf”
or “Fraggle” attack:
|
|
|
|
Turn
off directed broadcasts to networks:
|
|
|
|
Cisco: Interface command “no ip
directed-broadcast”
|
|
|
|
As
of 12.0, this is default (CSCdj31162)
|
|
|
|
Proteon: IP protocol configuration “disable
directed-broadcast”
|
|
|
Bay
Networks: Set a false static ARP
address for bcast address
|
|
|
|
3Com: SETDefault -IP CONTrol =
NoFwdSubnetBcast
|
|
|
|
Use
access control lists (if necessary) to prevent
|
|
|
ICMP
echo requests from entering your network
|
|
|
|
Configure
host machines to not reply to broadcast
|
|
|
ICMP
echos
|
|
