[PLUG] Routers again <sigh>
Larry Brigman
larry.brigman at gmail.com
Fri Apr 13 21:03:23 UTC 2007
On 4/13/07, Jason Martin <nsxfreddy at gmail.com> wrote:
> On 4/13/07, Michael Rasmussen <mikeraz at patch.com> wrote:
> >
> > Larry Brigman wrote:
> > > ping -b 192.168.1.0
> > > is a broadcast ping to the network. This should respond back with
> > > everything on the network that understands ping. Lots of duplicates.
> >
> > Not everything. Some IP stacks, on Windows for example, don't respond to
> > broadcast pings.
>
> Nor should they, given the DDoS amplification potential of broadcast
> pings (Smurf attack). If you need to diagnose between two devices,
> use a unicast (standard) ping. If you need to discover devices on a
> subnet, use nmap or some other tool that can automate pinging through
> a list of IP addresses.
>
> Linux allows broadcast ping response to be configured through the
> net.ipv4.icmp_echo_ignore_broadcasts sysctl, or via the equivalent
> /proc/sys/net entry. The default is to ignore (1).
>
It might be default now but not too many kernel versions ago it was 0
and would respond.
However, most networking equipment and devices like networked
printers/print servers
will respond. It is a tool. Useful in some situations.
More information about the PLUG
mailing list