Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 27 Jun 2001 14:35:04 -0400
From:      "alexus" <ml@db.nexgen.com>
To:        "3APA3A" <3APA3A@SECURITY.NNOV.RU>, "Peter Jeremy" <peter.jeremy@alcatel.com.au>
Cc:        <freebsd-security@FreeBSD.ORG>
Subject:   Re: Re[2]: disable traceroute to my host
Message-ID:  <003701c0ff37$e229faa0$01000001@book>
References:  <006a01c0fb6b$2d64d830$9865fea9@book> <771487721300.20010623150519@SECURITY.NNOV.RU> <009201c0fdad$57c2af00$9865fea9@book> <3181060651.20010626150813@SECURITY.NNOV.RU> <20010627071504.P95583@gsmx07.alcatel.com.au> <79255173079.20010627114324@SECURITY.NNOV.RU>
next in thread | previous in thread | raw e-mail | index | archive | help 
from someone earlier post.. i suggest to check this out

http://www.isi.edu/in-notes/iana/assignments/icmp-parameters

----- Original Message -----
From: "3APA3A" <3APA3A@SECURITY.NNOV.RU>
To: "Peter Jeremy" <peter.jeremy@alcatel.com.au>
Cc: "alexus" <ml@db.nexgen.com>; <freebsd-security@FreeBSD.ORG>
Sent: Wednesday, June 27, 2001 3:43 AM
Subject: Re[2]: disable traceroute to my host


> Hello Peter,
>
>
>
> --Wednesday, June 27, 2001, 1:15:04 AM, you wrote to
3APA3A@SECURITY.NNOV.RU:
>
> PJ> On 2001-Jun-26 15:08:13 +0400, 3APA3A <3APA3A@SECURITY.NNOV.RU> wrote:
> >>deny ICMP from (YOURNETWORK) to any icmptypes 0,3,11 out
> >>
> >>0 - to stop windows traceroute and ping
> >>3 - to stop BSD-style traceroute
> >>11 - to prevent intermediate router to reply traceroute
>
> PJ> Blocking ICMP type 3 will break Path-MTU discovery (which relies on
> PJ> type 3 code 4).
>
> It's  possible  to combine - deny incoming UDP and outgoing ICMP types
> 0, 11.
>
> In  any  case  - there are thousand ways to discover route. Use NAT to
> hide internal network.
>
> PJ> Peter
>
> PJ> To Unsubscribe: send mail to majordomo@FreeBSD.org
> PJ> with "unsubscribe freebsd-security" in the body of the message
>
>
> --
> ~/3APA3A
> Всегда будем рады послушать ваше чириканье (Твен)
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?003701c0ff37$e229faa0$01000001>