Date: Thu, 22 Mar 2001 12:49:38 -0500 (EST) From: <scanner@jurai.net> To: Chris Byrnes <chris@jeah.net> Cc: Marc Rogers <marcr@shady.org>, freebsd-security@FreeBSD.ORG Subject: Re: DoS attack - advice needed Message-ID: <Pine.BSF.4.21.0103221239120.62375-100000@sasami.jurai.net> In-Reply-To: <Pine.BSF.4.33.0103221121250.8421-100000@awww.jeah.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 22 Mar 2001, Chris Byrnes wrote: > > Do *NOT* block ICMP point blank at ALL. If you need to filter certain > > type's and code's, fine. But NEVER slap an embargo on the entire ICMP > > protocol. The mentality to do this blows me away every time I hear it > > uttered from people. > > Why? If you have idiots running ping -f yourserver.com from 150 ISPs > around the world, you're going to want to filter ICMP. That's what I did > awhile back. Idiots is a subjective term. Anyway. Ill tell you why you can't just *flip off* ICMP. It's an integral part of IP. http://users.worldgate.com/~marcs/mtu/ Alot of people need to take some "Protocol 101" classes. If you dont like how ICMP works. I dont care. It's your broken network not mine. But the fact is you can't filter the entire protocol without consequences. If you choose to ignore said consequences well again it's your broken network not mine. I dont care. > And I haven't found a valid reason to re-enable it. See Above URL. ============================================================================= -Chris Watson (316) 326-3862 | FreeBSD Consultant, FreeBSD Geek Work: scanner@jurai.net | Open Systems Inc., Wellington, Kansas Home: scanner@deceptively.shady.org | http://open-systems.net ============================================================================= WINDOWS: "Where do you want to go today?" LINUX: "Where do you want to go tomorrow?" BSD: "Are you guys coming or what?" ============================================================================= irc.openprojects.net #FreeBSD -Join the revolution! ICQ: 20016186 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0103221239120.62375-100000>