RE: Best way to filter "Nachi pings"?
From: Francis A. Vidal (francisv-sender-21ebc3_at_irc.dagupan.com)
Date: 10/27/03
- Previous message: Kris Kennaway: "Re: Best way to filter "Nachi pings"?"
- In reply to: Kris Kennaway: "Re: Best way to filter "Nachi pings"?"
- Next in thread: Colin Percival: "RE: Best way to filter "Nachi pings"?"
- Reply: Colin Percival: "RE: Best way to filter "Nachi pings"?"
- Reply: Kris Kennaway: "Re: Best way to filter "Nachi pings"?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <freebsd-security@freebsd.org> Date: Mon, 27 Oct 2003 16:06:44 +0800
Wouldn't it break stuff like traceroute?
-----Original Message-----
From: Kris Kennaway [mailto:kris@obsecurity.org]
Sent: Monday, October 27, 2003 4:03 PM
To: Brett Glass
Cc: security@freebsd.org
Subject: Re: Best way to filter "Nachi pings"?
On Mon, Oct 27, 2003 at 12:31:46AM -0700, Brett Glass wrote:
> We're being ping-flooded by the Nachi worm, which probes subnets for
> systems to attack by sending 92-byte ping packets. Unfortunately,
> IPFW doesn't seem to have the ability to filter packets by length.
> Assuming that I stick with IPFW, what's the best way to stem the
> tide?
Block all ping packets? Most security-conscious admins do this
anyway.
Kris
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: Kris Kennaway: "Re: Best way to filter "Nachi pings"?"
- In reply to: Kris Kennaway: "Re: Best way to filter "Nachi pings"?"
- Next in thread: Colin Percival: "RE: Best way to filter "Nachi pings"?"
- Reply: Colin Percival: "RE: Best way to filter "Nachi pings"?"
- Reply: Kris Kennaway: "Re: Best way to filter "Nachi pings"?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
