From owner-freebsd-security Sun Jun 24 22:31:35 2001 Delivered-To: freebsd-security@freebsd.org Received: from mail.tgd.net (rand.tgd.net [64.81.67.117]) by hub.freebsd.org (Postfix) with SMTP id 328D837B401 for ; Sun, 24 Jun 2001 22:31:30 -0700 (PDT) (envelope-from sean@mailhost.tgd.net) Received: (qmail 64012 invoked by uid 1001); 25 Jun 2001 05:31:23 -0000 Date: Sun, 24 Jun 2001 22:31:23 -0700 From: sean-freebsd-security@chittenden.org To: alexus Cc: freebsd-security@freebsd.org Subject: Re: disable traceroute to my host Message-ID: <20010624223123.B44590@rand.tgd.net> References: <006a01c0fb6b$2d64d830$9865fea9@book> <3B36267B.5B5FDBE@inforta.com> <006101c0fd37$f93f7cd0$0100a8c0@alexus> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="WYTEVAkct0FjGQmd" Content-Disposition: inline In-Reply-To: <006101c0fd37$f93f7cd0$0100a8c0@alexus>; from "ml@db.nexgen.com" on Mon, Jun 25, 2001 at = 01:30:39AM X-PGP-Key: 0x1EDDFAAD X-PGP-Fingerprint: C665 A17F 9A56 286C 5CFB 1DEA 9F4F 5CEF 1EDD FAAD X-Web-Homepage: http://sean.chittenden.org/ Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --WYTEVAkct0FjGQmd Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable man traceroute [snip] -p Protocol specific. For UDP and TCP, sets the base port number used in probes (default is 33434). Traceroute hopes that nothing is listening on UDP ports base to base + nhops - 1 at the destination host (so an ICMP PORT_UNREACHABLE message will be returned to terminate the route tracing). If some- thing is listening on a port in the default range, this option can be used to pick an unused port range. -sc On Mon, Jun 25, 2001 at 01:30:39AM -0400, alexus wrote: > Delivered-To: chittenden.org-sean-freebsd-security@chittenden.org > Delivered-To: freebsd-security@freebsd.org > From: "alexus" > To: "Simon Rakovec" , > > Subject: Re: disable traceroute to my host > Date: Mon, 25 Jun 2001 01:30:39 -0400 > X-Priority: 3 > X-MSMail-Priority: Normal > X-Mailer: Microsoft Outlook Express 6.00.2462.0000 > X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2462.0000 > List-ID: > List-Archive: (Web Archive) > List-Help: (List Instructions) > List-Subscribe: > List-Unsubscribe: > X-Loop: FreeBSD.org > Precedence: bulk >=20 > where did you get those numbers? >=20 > ----- Original Message ----- > From: "Simon Rakovec" > To: > Sent: Sunday, June 24, 2001 1:42 PM > Subject: Re: disable traceroute to my host >=20 >=20 > > Try this: > > > > ipfw add deny udp from any 32769-65535 to 33434-33523 > > > > Regards, Simon > > > > alexus wrote: > > > > > > is it possible to disable using ipfw so people won't be able to > traceroute > > > me? > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > with "unsubscribe freebsd-security" in the body of the message > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > >=20 >=20 > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message --=20 Sean Chittenden --WYTEVAkct0FjGQmd Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Comment: Sean Chittenden iEYEARECAAYFAjs2zKoACgkQn09c7x7d+q2EiACfYRwTNthgkq3xu4JfDnEjrPNd /0IAoIVZlpQobvez2B3dvDWyMAlmU6c+ =UqSu -----END PGP SIGNATURE----- --WYTEVAkct0FjGQmd-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message