Re: disable traceroute to my host

From: alexus (ml@db.nexgen.com)
Date: 06/25/01 

From: "alexus" <ml@db.nexgen.com>
To: "Fernando Gleiser" <fgleiser@cactus.fi.uba.ar>
Date: Mon, 25 Jun 2001 15:39:44 -0400

only for incoming? or for outgoing as well?

----- Original Message -----
From: "Fernando Gleiser" <fgleiser@cactus.fi.uba.ar>
To: "alexus" <ml@db.nexgen.com>
Cc: <freebsd-security@FreeBSD.ORG>
Sent: Friday, June 22, 2001 9:23 PM
Subject: Re: disable traceroute to my host

> On Fri, 22 Jun 2001, alexus wrote:
>
> > is it possible to disable using ipfw so people won't be able to
traceroute
> > me?
>
> I don't know if it is posible with ipfw, but with ip filter you can add
> a rule to block any packets with ttl=1:
>
> block in log quick on xl0 ttl 1 proto ip all
>
> That will stop windows traceroute (icmp based) as well as unix traceroute
> (udp based).
>
> Unix traceroute uses udp packets with destination port > 33434, but this
can
> be changed. As far as I know, the only way to stop traceroute is to drop
> any packet with ttl=1. This might block legitimate trafic, but I haven't
> seen any packet in the wild with ttl=1 wich was not a traceroute.
>
>
> Hope this helps.
> Fer
>
>
>
> >
> >
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-security" in the body of the message
> >
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Relevant Pages

  • Re: icmp type 11 not go via nat POSTROUTING table
    ... everthing is working as it "should", there is no reason for a "ICMP ... I generated two test icmp packets ... This is how traceroute knows the IP of the ... If x.y.z.t is a private IP address, it cannot be tracerouted anyway, so ...
    (comp.os.linux.networking)
  • Re: Apache 1.3 Problems
    ... Did the server restart at all and if so are the ... >>>Sounds like a firewall issue. ... >> shows any tcp packets at all getting through except when lynx is run ... Can you show us a 'traceroute bbrb-isp.Stanford.EDU' from your machine? ...
    (freebsd-questions)
  • RE: Traceroute
    ... Plain IP packets, and actually anything that travels over IP or with an IP ... garbage after the IP header and play with the protocol field in the IP ... The best defense against tracerouting is an egress filter for the ICMP time ... for ICMP and UDP packets used by standard traceroute tools use are easily ...
    (Pen-Test)
  • Why some hosts in Internet not prefer to be traceroute-d ?
    ... i.e. not to send a TTL exceeded ICMP packet back to the host. ... like dropping TTL exceeded ICMP packets (dropping such packets in ... I used to traceroute in unprivileged user mode, ... What's the difference between a router and a endpoint host from ...
    (comp.os.linux.networking)
  • Re: AOL Servers Probing ???
    ... > Traceroute before on another IP. ... My first hop appears to be going to an SBC DSL user; ... Those AOL proxies ... one has to be an AOL proxy, it is sending packets back to me with an RFC ...
    (microsoft.public.security)