From owner-freebsd-security Sun Apr 2 14: 6:17 2000 Delivered-To: freebsd-security@freebsd.org Received: from wat-border.sentex.ca (waterloo-hespler.sentex.ca [199.212.135.66]) by hub.freebsd.org (Postfix) with ESMTP id DFB5E37B6A7 for ; Sun, 2 Apr 2000 14:06:13 -0700 (PDT) (envelope-from mike@sentex.net) Received: from granite.sentex.net (granite-atm.sentex.ca [209.112.4.1]) by wat-border.sentex.ca (8.9.3/8.9.3) with ESMTP id RAA77090; Sun, 2 Apr 2000 17:06:02 -0400 (EDT) (envelope-from mike@sentex.net) Received: from chimp (ospf-mdt.sentex.net [205.211.164.81]) by granite.sentex.net (8.8.8/8.6.9) with ESMTP id RAA15154; Sun, 2 Apr 2000 17:06:01 -0400 (EDT) Message-Id: <4.2.2.20000402170029.0360cd28@mail.sentex.net> X-Sender: mdtancsa@mail.sentex.net X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.2 Date: Sun, 02 Apr 2000 17:03:21 -0500 To: Cliff Rowley From: Mike Tancsa Subject: Re: MAJOR DDOS Cc: security@FreeBSD.ORG In-Reply-To: References: <4.2.2.20000402151228.035846d8@mail.sentex.net> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 08:28 PM 4/2/2000 +0100, Cliff Rowley wrote: > > If its all "legitimate" traffic, I dont think > > options ICMP_BANDLIM > > will help. > >It wouldnt help if it was not legitimate traffic either, since ICMP is >portless (meaning that the connections are either TCP or UDP) - just >clearing that up. I thought the point of ICMP_BANDLIM was to throttle back the amount of ICMP error traffic in response to a whole whack of bogus connection attempts. ---Mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message