On Thu, 28 Apr 1994, Carl Corey wrote: > Not sure, i've never done anything on the topic. I believe that the > widely-distributed nuke.c program's packets (hope I don't over-simplify > this) are FROM the "nuker", but say that the HOST is unreach. So basically > I believe that newer versions of Cisco software check to see if the ICMP > UNREACH is on the same subnet as the host which is unreachable. Something > like that; I was in a detailed discussion about it a few months ago but > that's all I remember, and that might be a little off. Newer versions of the same line of programs also fake the source address of the IP packet. - Oliver