Safe to block 255.255.255.255?
There is a steady stream of UDP packets coming into my local network from some random internet address. The UDP packets are all destined for 255.255.255.255. For some reason the firewall on my Comcast gateway doesn't block this even when running in NAT mode. WTF? So I'm seeing all this traffic bleed through onto my LAN and every device is getting hit with the rogue UDP traffic. I have configured the firewall on most of the LAN devices to drop the packets but that doesn't fix the fact that it's spilling into my LAN. This is a static IP account so I can't solve this by just grabbing a new WAN IP from my ISP.
So here's the question. I'm considering asking my ISP to block this upstream. My request would be to block all traffic destined for 255.255.255.255 on my network. Would I regret doing that? Can anyone think of any legitimate reason to allow internet traffic to hit the broadcast IP on my public subnet?
Last edited by throes; 05-05-2012 at 08:35 PM.
|