getting Smurfing "under control" takes two things:

o All router administrators on the immediately reachable
   Internet needs to turn off directed broadcasts on their router

o Making sure source IP address spoofing isn't as easily done as
   it is now. Also an easy one, right? :wink:

I agree, and this is what we have done. The earlier post (from someone else)
was asking about how to filter *outbound* directed broadcasts, and I didn't
understand how this could be done. A number of my NANOG colleagues have
adamantly agreed that it can't!

o While we struggle with the above two, at least some service
   providers need to become more responsive in tracking these
   sort of events back to their real source. No names mentioned,
   none forgotten.

Agreed. Would it make sense to come up with a cooperative mechanism for this
similar to CERT only faster?

o Lastly, I think that better tools are needed to track this
   sort of attacks back to their source (?).

That would be very difficult, effectively requiring the ability to query
routers and ask if they are seeing packets bound for a specific address. I'd
love to see some tools that would help us do that, however!