Date: Mon, 27 Oct 2003 08:11:07 +0000 From: Colin Percival <colin.percival@wadham.ox.ac.uk> To: "Francis A. Vidal" <francisv-dated-1067846809.52fc3d@irc.dagupan.com>, <freebsd-security@freebsd.org> Subject: RE: Best way to filter "Nachi pings"? Message-ID: <5.0.2.1.1.20031027080917.020dd378@popserver.sfu.ca> In-Reply-To: <1067242009.66521.TMDA@irc.dagupan.com> References: <20031027080240.GA9552@rot13.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
At 16:06 27/10/2003 +0800, Francis A. Vidal wrote: >Wouldn't it break stuff like traceroute? Traceroute is fine -- it uses UDP packets. Tracert, on the other hand, uses ICMP echo request packets, and it suffers. I'm currently on a university network, and when there are connectivity issues (which seems to be quite often) I get very annoyed with the ICMP filtering. Colin Percival
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.0.2.1.1.20031027080917.020dd378>