Date: Mon, 21 Aug 2000 15:59:35 +0400 (MSD) From: Jaroshenko Serge <jaroshenko@mail.ru> To: Mipam <mipam@ibb.net> Cc: William Wong <willwong@anime.ca>, freebsd-security@FreeBSD.ORG Subject: Re: icmptypes Message-ID: <Pine.BSF.4.21.0008211549410.8776-100000@freebsd.merlin.ru> In-Reply-To: <Pine.LNX.3.95.1000821131544.7312D-100000@ux1.ibb.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 21 Aug 2000, Mipam wrote: > On Mon, 21 Aug 2000, Jaroshenko Serge wrote: > > > > > Hi! > > read www.obfuscation.org/ipf/ipf-howto.txt . > > > > By this doc: > > > > icmp-type 0 > > icmp-type 3 > > icmp-type 8 > > icmp-type 11 > > > > Okay, however, why not block in all icmp and let yourself be able to ping > to the outside. O'key, if don't need traceroute or icmp destination-unreachable - block in all proto icmp , but in this case your browser or (ftp client) long time wait response from unreachable destination! > With state keeping you'll recieve the reply's. Try it! > Unless of course you wish ppl to ping you initially? > Bye, > > Mipam. > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0008211549410.8776-100000>