Date: Thu, 22 Mar 2001 17:45:37 -0300 From: "Ronan Lucio" <ronan@melim.com.br> To: <security@freebsd.org> Subject: Re: DoS attack - advice needed Message-ID: <007101c0b311$0d67db60$2aa8a8c0@melim.com.br>
next in thread | raw e-mail | index | archive | help
Sorry, I´d like say to allow the follow icmptypes: 3 (destination unreachable) 4 (source quench) 11 (ttl exceeded) 12 (ip header bad) I think it´s enough to cause no problem to the system and block ping packets Ronan Lucio > If I add a rules: > > ipfw add pass icmp from any to my.ip.adress icmptypes 3 > ipfw add deny icmp from any to mu.ip.adress > > Will it resolve the problem of fragmented packets? > > Ronan Lucio To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?007101c0b311$0d67db60$2aa8a8c0>