Date: Thu, 27 Jun 2002 15:00:32 -0400 From: Richard A Steenbergen <ras@e-gerbil.net> To: Peter Brezny <pbrezny@purplecat.net> Cc: freebsd-net@freebsd.org Subject: Re: limiting directed broadcasts with ipfw. Message-ID: <20020627190032.GC99199@overlord.e-gerbil.net> In-Reply-To: <NEBBIGLHNDFEJMMIEGOOIEGFFCAA.pbrezny@purplecat.net> References: <NEBBIGLHNDFEJMMIEGOOIEGFFCAA.pbrezny@purplecat.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jun 27, 2002 at 01:18:04PM -0400, Peter Brezny wrote: > I did a quick search through the man page, but didn't come up with anything > right off that looked like it could help mitigate smurf attacks similar to > the cisco: > no ip directed-broadcast > > feature. > > Is there a way? sysctl net.inet.icmp.bmcastecho=0 has been the default since... well since smurf came out. :) -- Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020627190032.GC99199>