From owner-freebsd-security Sun Jun 24 11:34:24 2001 Delivered-To: freebsd-security@freebsd.org Received: from mail.webmonster.de (datasink.webmonster.de [194.162.162.209]) by hub.freebsd.org (Postfix) with SMTP id 5EE3C37B401 for ; Sun, 24 Jun 2001 11:34:20 -0700 (PDT) (envelope-from karsten@rohrbach.de) Received: (qmail 58543 invoked by uid 1000); 24 Jun 2001 18:34:40 -0000 Date: Sun, 24 Jun 2001 20:34:40 +0200 From: "Karsten W. Rohrbach" To: Simon Rakovec Cc: freebsd-security@freebsd.org Subject: Re: disable traceroute to my host Message-ID: <20010624203440.C57877@mail.webmonster.de> Mail-Followup-To: "Karsten W. Rohrbach" , Simon Rakovec , freebsd-security@freebsd.org References: <006a01c0fb6b$2d64d830$9865fea9@book> <3B36267B.5B5FDBE@inforta.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="6zdv2QT/q3FMhpsV" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3B36267B.5B5FDBE@inforta.com>; from simon@inforta.com on Sun, Jun 24, 2001 at 07:42:19PM +0200 X-Arbitrary-Number-Of-The-Day: 42 X-URL: http://www.webmonster.de/ X-Disclaimer: My opinions do not necessarily represent those of my employer Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --6zdv2QT/q3FMhpsV Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Simon Rakovec(simon@inforta.com)@2001.06.24 19:42:19 +0000: > Try this: >=20 > ipfw add deny udp from any 32769-65535 to 33434-33523 one might note on that, that this is no proper practice, it simply does no good regarding proper network operation. imagine, there are people out there who operate networks with more than 20 routers -- if you deploy those filter you probably do not make new friends, especially in the isp field. that said, a better choice would be putting /sbin/shutdown -p now in /etc/rc.local *grin* have a nice one /k >=20 > Regards, Simon >=20 > alexus wrote: > >=20 > > is it possible to disable using ipfw so people won't be able to tracero= ute > > me? > >=20 > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message >=20 > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message --=20 > Only wimps use tape backups; real men put their software on ftp-servers > and let the rest of the world mirror it. --Linus Torvalds KR433/KR11-RIPE -- WebMonster Community Founder -- nGENn GmbH Senior Techie http://www.webmonster.de/ -- ftp://ftp.webmonster.de/ -- http://www.ngenn.n= et/ karsten&rohrbach.de -- alpha&ngenn.net -- alpha&scene.org -- catch@spam.de GnuPG 0x2964BF46 2001-03-15 42F9 9FFF 50D4 2F38 DBEE DF22 3340 4F4E 2964 B= F46 Please do not remove my address from To: and Cc: fields in mailing lists. 1= 0x --6zdv2QT/q3FMhpsV Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7NjLAM0BPTilkv0YRAm/sAJ9QmbK7udyaTRPksD2mZSwD6k8ByQCgmkLZ ZBDD7oxho1VGjFRGzIMSPAg= =gm+6 -----END PGP SIGNATURE----- --6zdv2QT/q3FMhpsV-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message