Re: [NANOG] Limiting ICMP

On Wed, 21 May 2008, John Kristoff wrote: In the environments where I've done this, my experience was that it was an acceptable practice at the time and in a couple cases it did help the net upstream when something went wrong (e.g. this did stop some real DoS traffic for me more than once). I ma

Re: [NANOG] Limiting ICMP

Yep, agreed, we need to update those docs. The basic ICMP filtering guide still resides here, and comments are welcome: John Kristoff wrote: On Sat, 17 May 2008 23:53:00 -0400 Drew Weaver <[EMAIL PROTECTED]> wrote: I'm wondering if any

Re: [NANOG] Limiting ICMP

On Sat, 17 May 2008 23:53:00 -0400 Drew Weaver <[EMAIL PROTECTED]> wrote: > I'm wondering if anyone else has run into this/has heard of/(is responsible > for)/knows the reason behind large IP providers limiting ICMP on outbound > connections to the same amounts regardless of the size of the circ

Re: [NANOG] Limiting ICMP

Drew Weaver wrote: > (do people still DDoS with ICMP these days? I see a lot of what looks like > udp.pl and hardly any ICMP attack traffic anymore) We saw a small attempted attack using ICMP a few weeks ago, but as you've mentioned I've mostly been seeing UDP floods (and the occasional TCP SYN