From owner-freebsd-ipfw Mon Oct 2 12:54:24 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from forrie.net (forrie.net [64.20.73.233]) by hub.freebsd.org (Postfix) with ESMTP id 6166837B502 for ; Mon, 2 Oct 2000 12:54:22 -0700 (PDT) Received: from boomer.forrie.com (dhcp-north-71-168.navipath.net [64.20.71.168]) by forrie.net with id e92JsLv14762 for ; Mon, 2 Oct 2000 15:54:21 -0400 (EDT) Message-Id: <5.0.0.25.2.20001002154554.01bfe310@64.20.73.233> X-Sender: forrie@64.20.73.233 X-Mailer: QUALCOMM Windows Eudora Version 5.0 Date: Mon, 02 Oct 2000 15:47:40 -0400 To: freebsd-ipfw@freebsd.org From: Forrest Aldrich Subject: 4.1.1 Kernel ipfw, brought to its knees Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I was working with our security person here at work, with my ipfw config. I ran into some problems, which I'm still trying to figure out. So, he offered to at least scan the machine. He did a basic nmap scan... brought the machine to its knees. I had ICMP bandwidth limitation enabled. All except the RST (which isn't recommended for web servers). The machine is rendered unusable. I've never seen this happen to a FreeBSD box. Our 2.2.8 systems withstand this better than this. ? Forrest To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message