Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 24 Mar 2001 18:47:09 -0800
From:      "Crist J. Clark" <cjclark@reflexnet.net>
To:        Chris Byrnes <chris@jeah.net>
Cc:        scanner@jurai.net, Marc Rogers <marcr@shady.org>, freebsd-security@FreeBSD.ORG
Subject:   Re: DoS attack - advice needed
Message-ID:  <20010324184709.A797@cjc-desktop.users.reflexcom.com>
In-Reply-To: <Pine.BSF.4.33.0103221153370.12333-100000@awww.jeah.net>; from chris@jeah.net on Thu, Mar 22, 2001 at 11:54:25AM -0600
References:  <Pine.BSF.4.21.0103221239120.62375-100000@sasami.jurai.net> <Pine.BSF.4.33.0103221153370.12333-100000@awww.jeah.net>

next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Mar 22, 2001 at 11:54:25AM -0600, Chris Byrnes wrote:
> > Idiots is a subjective term. Anyway. Ill tell you why you can't just *flip
> > off* ICMP. It's an integral part of IP. http://users.worldgate.com/~marcs/mtu/
> > Alot of people need to take some "Protocol 101" classes. If you dont like
> > how ICMP works. I dont care. It's your broken network not mine. But the
> > fact is you can't filter the entire protocol without consequences. If you
> > choose to ignore said consequences well again it's your broken network not
> > mine. I dont care.
> 
> Wow, buddy.  Seriously, come on.
> 
> You don't have to get personal about it.  I asked a valid question, and
> people gave me some valid answers.  You, however, seem personally insulted
> by the fact that I don't want ICMP turned on.

People get really peeved about ICMP breakage when someone upstream
from them breaks it for them. It also is really annoying when your
users start complaining to _you_ when someone else has broken their
own services.

I've had PMTU discovery broken by someone upstream and it is _very_
frustrating.

Feel free to break your own network provided that no one else has to
live with it too.
-- 
Crist J. Clark                           cjclark@alum.mit.edu

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010324184709.A797>