From owner-freebsd-questions Tue Mar 26 13:11:34 2002 Delivered-To: freebsd-questions@freebsd.org Received: from smtp017.mail.yahoo.com (smtp017.mail.yahoo.com [216.136.174.114]) by hub.freebsd.org (Postfix) with SMTP id 56B2B37B405 for ; Tue, 26 Mar 2002 13:11:29 -0800 (PST) Received: from mc208-149.intelnet.net.gt (HELO anakin) (jogegabsd@216.230.149.208 with login) by smtp.mail.vip.sc5.yahoo.com with SMTP; 26 Mar 2002 21:11:28 -0000 From: "jogegabsd" To: , "Justin L Boss" Cc: Subject: RE: Security! Date: Tue, 26 Mar 2002 15:11:46 -0600 Message-ID: X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <3CA0A724.AB91AC55@wi.rr.com> X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Importance: Normal Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I think they refer that you should be careful with a flood of ping messages and get a DoS, take a look at this links. http://www.networkice.com/Advice/Underground/Exploitz/Floods/Ping_Flood/defa ult.htm http://www.cert.org/advisories/CA-1998-01.html You can recieve a really large amount of ICMP echo request packets to the point you have to many, which means, DoS. I really don't remember specific names right now, but there are a lot of companies that denied ICMP packets from the outside, in order to fix this. Actually it is a security policy in most systems. Don't worry that you can not see if your site is reachable or not. there are several tools (e. g. nmap) that makes a diferent kind of analysis(SYN) to see if your network is reachable. you can keep the ICMP packet traffic from the inside. Hope this helps Gerardo Amaya > -----Original Message----- > From: owner-freebsd-questions@FreeBSD.ORG > [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Nick Lozinsky > Sent: Tuesday, March 26, 2002 10:52 AM > To: Justin L Boss > Cc: freebsd-questions@FreeBSD.ORG > Subject: Security! > > > Thanks to a previous thread, I am more aware of Internet security > than ever! > According to Symantec and it's scan on the Internet, I was > reported that half > of my ports were open and therefore leaking. So, I got rid of > every hole so far > but one, ping, how is ping unsecure and what can I do to take care of it's > vulnneurability? > > Thanks > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message