Hi,
In one of the e-commerce sites, they were blown up by a Smurf attack. However, the attack was against the upstream ISP, not the e-commerce site itself. Had the target insisted the ISP put the "no ip directed broadcast" command on the outgoing line from the ISP to the target, then the Smurf would not have worked.
Just a little opinion of mine. "no ip directed-broadcast" only deals with the directed broadcast to the interface where the command is specified. It does nothing to the transit directed broadcast. To prevent a SMURF attack you have to code this command on each Cisco router interface in your network. Alternatively, a packet filter on the boundary router blocking any IP packet destined to *.0 or *.255 would do the trick, but you still need "no ip directed-broadcast" to deal with the directed broadcast originating from your internal network.

Dennis Su
ITS, University of Waikato
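An added example, not part of the original message: it compares the *.0 / *.255 last-octet filter described above with a check against the actual network and directed-broadcast addresses of each internal subnet, which depend on the prefix length. The subnets and destination addresses are constructed documentation ranges, and the function names are hypothetical.

```python
import ipaddress

# Constructed internal subnets (assumption, not taken from the message).
INTERNAL_SUBNETS = [
    ipaddress.ip_network("192.0.2.0/25"),
    ipaddress.ip_network("192.0.2.128/26"),
    ipaddress.ip_network("198.51.100.0/23"),
]

def last_octet_rule(dst):
    """The *.0 / *.255 filter from the message: looks at the last octet only."""
    return (int(ipaddress.ip_address(dst)) & 0xFF) in (0, 255)

def subnet_aware_rule(dst, subnets=INTERNAL_SUBNETS):
    """True if dst is the network or directed-broadcast address of a known subnet."""
    addr = ipaddress.ip_address(dst)
    return any(addr in (n.network_address, n.broadcast_address) for n in subnets)

def compare(destinations, subnets=INTERNAL_SUBNETS):
    """Return (dst, last_octet_verdict, subnet_aware_verdict) for each destination."""
    return [(d, last_octet_rule(d), subnet_aware_rule(d, subnets))
            for d in destinations]

def addresses_to_block(subnets=INTERNAL_SUBNETS):
    """Sorted network and broadcast addresses a boundary filter would need to list."""
    addrs = set()
    for n in subnets:
        addrs.update((n.network_address, n.broadcast_address))
    return [str(a) for a in sorted(addrs)]

# Constructed destination addresses covering both kinds of disagreement.
SAMPLE_DESTINATIONS = [
    "192.0.2.127",     # broadcast of 192.0.2.0/25, last octet is not 255
    "192.0.2.191",     # broadcast of 192.0.2.128/26
    "198.51.100.255",  # ordinary host inside 198.51.100.0/23
    "198.51.101.255",  # broadcast of 198.51.100.0/23
    "192.0.2.10",      # ordinary host
]

if __name__ == "__main__":
    print(f"{'destination':<16} {'*.0/*.255':<10} subnet-aware")
    for dst, naive, aware in compare(SAMPLE_DESTINATIONS):
        print(f"{dst:<16} {str(naive):<10} {aware}")
    print("block list:", ", ".join(addresses_to_block()))
```

Rows where the two columns differ are either directed broadcasts the last-octet filter passes or legitimate hosts it drops.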