Date: Wed, 19 Apr 2000 15:55:24 +0200 From: Olaf Hoyer <ohoyer@fbwi.fh-wilhelmshaven.de> To: freebsd-ipfw@freebsd.org Subject: Pinging Firewall Message-ID: <4.1.20000419153229.00c93920@mail.rz.fh-wilhelmshaven.de>
next in thread | raw e-mail | index | archive | help
Hi! I recently had a discussion about being pings harmful to security. (I'm preparing some material for lectures about e-commerce, part of it being internet security) Question: In which ways does a firewall handles pings? And, more important, in which phase of the TCP/IP receiving process of the ping may it be blocked? I thought of the risk about being pingflooded, and had some discussion if it is possible to block that... From my view, several scenarii came to mind: Ping comes it, and is routed to the destination (normal operation) Ping arrives, and is recognized as a ping, and is dropped, with no answer to originating system. Ping arrives, and is not even recognized, handled etc, but simply dropped... Is that possible? (Speaking of technical possibility, not of potential violation to RFC) It was in a discussion to minimize the risk of being pingflooded.. Comments? Regards Olaf Hoyer -------- Olaf Hoyer www.nightfire.de mailto:Olaf.Hoyer@nightfire.de FreeBSD- Turning PC's into workstations ICQ:22838075 Liebe und Hass sind nicht blind, aber geblendet vom Feuer, dass sie selber mit sich tragen. (Nietzsche) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.1.20000419153229.00c93920>