> -----Original Message----- > From: plug-discuss-admin@lists.plug.phoenix.az.us > [mailto:plug-discuss-admin@lists.plug.phoenix.az.us]On Behalf Of > der.hans > Sent: Wednesday, March 14, 2001 11:59 PM > To: plug-discuss@lists.plug.phoenix.az.us > Subject: Re: Need ISP!!! > > > Am 13. Mar, 2001 schwäzte David A. Sinck so: > > > Well, see, thereby hangs a tail....providers *should* squash the non > > routeable addresses before sending them on. If you get this traffic > > on your inbound ethX card, you know someone is up to no good and your > > ISP is likely to suffer evil RSN. It's been a bit since I've seen a > > report of this, but they are there. > > I would think that non-routable stuff isn't routable :). I would also > think that broadcast stuff would get squashed at every organizational > border. > > That's what http://www.sans.org/dosstep/index.htm suggests. That's also > what the router people I know suggest. > > OTOH, I brought broadcast packets up on SAGE [1] recently and it was > mentioned that customers go after their providers if blocking is done. It > was mentioned that there are many threads about this on the NANOG [2] > mailing list, including a recent piece about a provider being sued because > they weren't allowing broadcast m$ traffic. Appears the suers had offices > in different geographical locations and were using NETBIOS over IP > broadcast to connect via "network neighborhood". Personally, I say toss > 'em off the network for gross stupidity. > ----- I've always felt that gross stupity is it's own reward (punishment). The problem is wasted bandwidth because broadcasts - by their very nature - are wide ranging and should be minimized. I wonder how well the @home network would perform if they assigned static IP's instead of asking everyone to use DHCP. SMB traffic on the public internet is a gross violation of bandwidth and should always be contained in VPN tunnels if remote networking is the goal. It is actually scary how many TCP packets of port 137, 138 & 139 are bouncing around and many providers don't quash them. I consider them to be a marketing opportunity to sell a firewall, but I don't have the time. Craig