Date: Thu, 22 Mar 2001 11:22:26 -0600 (CST) From: Chris Byrnes <chris@jeah.net> To: <scanner@jurai.net> Cc: Marc Rogers <marcr@shady.org>, <freebsd-security@FreeBSD.ORG> Subject: Re: DoS attack - advice needed Message-ID: <Pine.BSF.4.33.0103221121250.8421-100000@awww.jeah.net> In-Reply-To: <Pine.BSF.4.21.0103221122260.61047-100000@sasami.jurai.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> Do *NOT* block ICMP point blank at ALL. If you need to filter certain > type's and code's, fine. But NEVER slap an embargo on the entire ICMP > protocol. The mentality to do this blows me away every time I hear it > uttered from people. Why? If you have idiots running ping -f yourserver.com from 150 ISPs around the world, you're going to want to filter ICMP. That's what I did awhile back. And I haven't found a valid reason to re-enable it. + Chris Byrnes, chris@JEAH.net + JEAH Communications + 1-866-AWW-JEAH (Toll-Free) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.33.0103221121250.8421-100000>