Date: Wed, 21 Jun 2000 11:15:12 -0500 (CDT) From: Mike Silbersack <silby@silby.com> To: Maksimov Maksim <maksim@tts.tomsk.su> Cc: freebsd-security@FreeBSD.ORG Subject: Re: How defend from stream2.c attack? Message-ID: <Pine.BSF.4.21.0006211113140.60705-100000@achilles.silby.com> In-Reply-To: <000401bfdb64$3eae8320$0c3214d4@dragonland.tts.tomsk.su>
next in thread | previous in thread | raw e-mail | index | archive | help
Is ICMP_BANDLIM enabled? If so, crank net.inet.icmp.icmplim down to 20 or so, and you should be just as protected as if enabling the restrict RST option. (And if it's not compiled in, do so!) Mike "Silby" Silbersack On Wed, 21 Jun 2000, Maksimov Maksim wrote: > How defend from stream2.c attack (flooding ACK-packets) on my FreeBSD box? > I install FreeBSD 4.0-20000608-STABLE, but stream2.c attack freezed this > FreeBSD box as before! > Help! > > Best regards, > Maks Maksimov mailto:maksim@tts.tomsk.su > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0006211113140.60705-100000>