Date: Mon, 25 Jun 2001 15:39:44 -0400 From: "alexus" <ml@db.nexgen.com> To: "Fernando Gleiser" <fgleiser@cactus.fi.uba.ar> Cc: <freebsd-security@FreeBSD.ORG> Subject: Re: disable traceroute to my host Message-ID: <00fd01c0fdae$95c16430$9865fea9@book> References: <20010622221554.K5703-100000@cactus.fi.uba.ar>
next in thread | previous in thread | raw e-mail | index | archive | help
only for incoming? or for outgoing as well? ----- Original Message ----- From: "Fernando Gleiser" <fgleiser@cactus.fi.uba.ar> To: "alexus" <ml@db.nexgen.com> Cc: <freebsd-security@FreeBSD.ORG> Sent: Friday, June 22, 2001 9:23 PM Subject: Re: disable traceroute to my host > On Fri, 22 Jun 2001, alexus wrote: > > > is it possible to disable using ipfw so people won't be able to traceroute > > me? > > I don't know if it is posible with ipfw, but with ip filter you can add > a rule to block any packets with ttl=1: > > block in log quick on xl0 ttl 1 proto ip all > > That will stop windows traceroute (icmp based) as well as unix traceroute > (udp based). > > Unix traceroute uses udp packets with destination port > 33434, but this can > be changed. As far as I know, the only way to stop traceroute is to drop > any packet with ttl=1. This might block legitimate trafic, but I haven't > seen any packet in the wild with ttl=1 wich was not a traceroute. > > > Hope this helps. > Fer > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00fd01c0fdae$95c16430$9865fea9>