Date: Thu, 02 Nov 2000 12:29:51 -0500 From: "Moritz Hardt" <mhardt@morix.de> To: "Buliwyf McGraw" <buliwyf@libertad.univalle.edu.co>, "security@FreeBSD.ORG" <security@FreeBSD.ORG> Subject: Re: Console Message II Message-ID: <200011021830.TAA15268@post.webmailer.de> In-Reply-To: <Pine.BSF.4.21.0011021222030.4623-100000@libertad.univalle.edu.co>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 2 Nov 2000 13:05:50 -0500 (COT), Buliwyf McGraw wrote: > > In this moment i am using ipf in the box which is showing de message: > "icmp-response bandwidth limit". > It doesnt happen all time, just some days for a few > When the message appears, the "System Load" grows to 5 or more, until > the server crash! Normally those messages orcur, if someone portscans you or piung floods you. But the fact that the server crashes, seems to me like you are vulnerable to DOS-attack. Look wich services on your system are running and could be vulnerable. > My question is: > > If i put this line in my "ipf rules" file: > block in proto icmp all > > What kind of problems could i get for this restriction??? Be careful with that!! It is not a good idea to block the whole icmp, since important control messages would be blocked. such as the echo-request (ping). I think it would stop it, but that's really a way you shouldnt go. > >======================================================================= > Buliwyf McGraw > Administrador del Servidor Libertad > Centro de Servicios de Informacion > Universidad del Valle >======================================================================= > > > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200011021830.TAA15268>