Re: disable traceroute to my host

From: Karsten W. Rohrbach (karsten@rohrbach.de)
Date: 06/24/01


Date: Sun, 24 Jun 2001 20:34:40 +0200
From: "Karsten W. Rohrbach" <karsten@rohrbach.de>
To: Simon Rakovec <simon@inforta.com>


Simon Rakovec(simon@inforta.com)@2001.06.24 19:42:19 +0000:
> Try this:
>
> ipfw add deny udp from any 32769-65535 to <your-host> 33434-33523

one might note on that, that this is no proper practice, it simply does
no good regarding proper network operation. imagine, there are people
out there who operate networks with more than 20 routers -- if you
deploy those filter you probably do not make new friends, especially in
the isp field.

that said, a better choice would be putting

    /sbin/shutdown -p now

in /etc/rc.local

*grin*

have a nice one
/k

>
> Regards, Simon
>
> alexus wrote:
> >
> > is it possible to disable using ipfw so people won't be able to traceroute
> > me?
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-security" in the body of the message
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message

-- 
> Only wimps use tape backups; real men put their software on ftp-servers
> and let the rest of the world mirror it. --Linus Torvalds
KR433/KR11-RIPE -- WebMonster Community Founder -- nGENn GmbH Senior Techie
http://www.webmonster.de/ -- ftp://ftp.webmonster.de/ -- http://www.ngenn.net/
karsten&rohrbach.de -- alpha&ngenn.net -- alpha&scene.org -- catch@spam.de
GnuPG 0x2964BF46 2001-03-15 42F9 9FFF 50D4 2F38 DBEE  DF22 3340 4F4E 2964 BF46
Please do not remove my address from To: and Cc: fields in mailing lists. 10x

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message