Security
Stations that should not announce their service states should disable broadcasting. While setting the broadcast addresses to the same ip address of the station works, it's not a best practice. This will disable that station from learning of other broadcast traffic in the network. If the service in question alone provides too much information, you should consider disabling or removing it.
Some Denial of service attacks use broadcast amplification to elicit replies from a broadcast address to a spoofed victim. Routers should use ACLs or filtering to drop unwanted external to local broadcast traffic. This will prevent local stations from replying. Many Operating Systems have additional configuration to enable/disable broadcast replies.
- Linux via procfs
$ cat /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
Read more about this topic: Broadcast Traffic
Famous quotes containing the word security:
“In the long course of history, having people who understand your thought is much greater security than another submarine.”
—J. William Fulbright (b. 1905)
“The horror of class stratification, racism, and prejudice is that some people begin to believe that the security of their families and communities depends on the oppression of others, that for some to have good lives there must be others whose lives are truncated and brutal.”
—Dorothy Allison (b. 1949)
“There is one safeguard known generally to the wise, which is an advantage and security to all, but especially to democracies as against despots. What is it? Distrust.”
—Demosthenes (c. 384322 B.C.)