Subject: Re: broadcast ping response
To: None <>
From: Thor Lancelot Simon <>
List: tech-net
Date: 01/22/2005 19:47:57
On Sat, Jan 22, 2005 at 04:42:29PM -0800, John Nemeth wrote:
> On Jun 14,  1:00pm, Eric Haszlakiewicz wrote:
> } On Sat, Jan 22, 2005 at 03:57:21PM -0800, John Nemeth wrote:
> } >      Why is NetBSD 2.0 responding to broadcast ICMP ECHO REQUEST (ping)
> } > packets?  Is there any way to stop it.  Because this is a well known
> } > DOS most modern OSes don't respond, so I'm surprised that current
> } > versions of NetBSD do.
> } 
> }       DoS?  How so?  I would think that responding to a ping takes
> } considerably less resources than, say, responding to a connection attempt.
>      It is a traffic amplification attack.  Picture a network with 50+
> machines, which respond to broadcast packets.  You send one ping packet
> to the broadcast address and get 50 back.  A great way to flood a
> network with very little effort.  Send a continuous stream of packets

It takes a heck of wimpy network to be flooded in *this* way.

I find machines that don't respond to broadcast pings mildly annoying.