From owner-freebsd-security  Thu Mar 22  9:52: 7 2001
Delivered-To: freebsd-security@freebsd.org
Received: from radix.cryptio.net (radix.cryptio.net [199.181.107.213])
	by hub.freebsd.org (Postfix) with ESMTP id 1FBF537B71B
	for <freebsd-security@FreeBSD.ORG>; Thu, 22 Mar 2001 09:52:05 -0800 (PST)
	(envelope-from emechler@radix.cryptio.net)
Received: (from emechler@localhost)
	by radix.cryptio.net (8.11.0/8.11.0) id f2MHq2Y60579;
	Thu, 22 Mar 2001 09:52:02 -0800 (PST)
Date: Thu, 22 Mar 2001 09:52:02 -0800
From: Erick Mechler <emechler@techometer.net>
To: Chris Byrnes <chris@jeah.net>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: DoS attack - advice needed
Message-ID: <20010322095202.D59996@techometer.net>
References: <Pine.BSF.4.21.0103221122260.61047-100000@sasami.jurai.net> <Pine.BSF.4.33.0103221121250.8421-100000@awww.jeah.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <Pine.BSF.4.33.0103221121250.8421-100000@awww.jeah.net>; from Chris Byrnes on Thu, Mar 22, 2001 at 11:22:26AM -0600
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

:: Why?  If you have idiots running ping -f yourserver.com from 150 ISPs
:: around the world, you're going to want to filter ICMP.  That's what I did
:: awhile back.
:: 
:: And I haven't found a valid reason to re-enable it.

Maybe this document will give you the reason you're looking for...

  http://users.worldgate.com/~marcs/mtu/

--Erick

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message