From owner-freebsd-security Thu Mar 22 17:11:53 2001 Delivered-To: freebsd-security@freebsd.org Received: from cs4.cs.ait.ac.th (cs4.cs.ait.ac.th [192.41.170.16]) by hub.freebsd.org (Postfix) with ESMTP id 98A0F37B71F for ; Thu, 22 Mar 2001 17:11:49 -0800 (PST) (envelope-from on@cs.ait.ac.th) Received: from banyan.cs.ait.ac.th (on@banyan.cs.ait.ac.th [192.41.170.5]) by cs4.cs.ait.ac.th (8.9.3/8.9.3) with ESMTP id IAA25591; Fri, 23 Mar 2001 08:11:12 +0700 (GMT+0700) Received: (from on@localhost) by banyan.cs.ait.ac.th (8.8.5/8.8.5) id IAA07068; Fri, 23 Mar 2001 08:11:44 +0700 (ICT) Date: Fri, 23 Mar 2001 08:11:44 +0700 (ICT) Message-Id: <200103230111.IAA07068@banyan.cs.ait.ac.th> X-Authentication-Warning: banyan.cs.ait.ac.th: on set sender to on@banyan.cs.ait.ac.th using -f From: Olivier Nicole To: ostap@ukrpost.net Cc: freebsd-security@FreeBSD.ORG In-reply-to: <3ABA09E0.141711C9@ukrpost.net> (message from ostap on Thu, 22 Mar 2001 16:19:12 +0200) Subject: Re: DoS attack - advice needed References: <3ABA09E0.141711C9@ukrpost.net> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >i'm interested in the ways how this can be done, and what is needeed >to prevent such attacks on 3.x freebsd, without blocking all icmp >traffic. One solution I heard about is to limit the bandwidth available for ICMP (say 5% of your total bandwidth). Of course during a DoS attack no valid ICMP will get through but at least your network will still be working. Regards, Olivier To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message