More smurf fun

Dave Rand was known to have said:

Here's the latest group of smurf-able networks.


Some of the phone calls were interesting. Many of the NOC staff did not
know what a smurf attack was (so I explained it to them). Many did not want
to set no ip directed-broadcast because they didn't know what it would do.


A quick note:

If you find yourself having problems from this netblock, please contact
either (me) or

We currently cannot disable directed broadcast due to a NASTY bug
in the packet forwarding code of the Proteon routers we use on our
backbone. We are working with Proteon to solve this issue.

(I'm also trying to figure out if the issue is worth posting to Bugtraq.)

In the meanwhile, we have implemented blackhole routing for the subnets
that seemed to be at issue.

Why should not you filter out all packets destinated to this very
broadcast address somewhere on the border router? By their DST address,
not as _direct broadcast_ packets?