Some help with broadcasts through a Linux system
Christopher R. Hertel
crh at nts.umn.edu
Thu Oct 7 16:33:45 GMT 1999
Here at the University, we disable directed broadcast on all routers.
There are simply too many exploits opened up including (but not limited
to) Smurf amplification and NetBIOS name harvesting.
A very unpopular feature on an open network.
> Richard Sharpe <sharpe at ns.aus.com> wrote in SAMBA-TECHNICAL digest 870
> > with respect to directed broadcasts (subnet directed broadcasts), I have
> > now determined that Linux does not allow them.
> > The code is in linux/net/ipv4/ip_input.c. All broadcasts are dropped when
> > it comes time to check forwarding.
> > I have a hacked up version that allows directed broadcasts that I will be
> > testing soon so I can check out remote announce stuff ...
> The issue affects the documentation of remote
> announce, and at least remote browse sync,
> several of which already warns that some folks
> don't allow directed broadcast: unless the
> Linux folks wish to fix this, we'd best
> warn that Linux, a heavily used system, doesn't
> permit this.
> This will, in principle, affect all the Samba
> books, too, when they come up for update...
> David Collier-Brown, | Always do right. This will gratify some people
> 185 Ellerslie Ave., | and astonish the rest. -- Mark Twain
> Willowdale, Ontario | http://java.science.yorku.ca/~davecb
> Work: (905) 415-2849 Home: (416) 223-8968 Email: davecb at canada.sun.com
-- I have a shoehorn, the kind with teeth. --
Christopher R. Hertel -)----- University of Minnesota
crh at nts.umn.edu Networking and Telecommunications Services
More information about the samba-technical