[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: disable icmp in OpenBSD 3.2 ?

To: <Philip_(_dot_)_Miller_(_at_)_ogilvy_(_dot_)_com>, <misc_(_at_)_openbsd_(_dot_)_org>
Subject: Re: disable icmp in OpenBSD 3.2 ?
From: "Dom De Vitto" <dom_(_at_)_DeVitto_(_dot_)_com>
Date: Fri, 10 Jan 2003 21:22:44 -0000
Organization: Secure Technologies Ltd.

Yep, it looks hard, especially as many of echo-request's
siblings can be used for the same effect, but are not disabled by the
icmp_echo_ignore_all pseudo-device....

PF is what you want, because you want to filter particlar packets...

Dom
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Dom De Vitto                                       Tel. 07855 805 271
http://www.devitto.com                         mailto:dom_(_at_)_devitto_(_dot_)_com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-----Original Message-----
From: owner-misc_(_at_)_openbsd_(_dot_)_org [mailto:owner-misc_(_at_)_openbsd_(_dot_)_org] On Behalf
Of Philip_(_dot_)_Miller_(_at_)_ogilvy_(_dot_)_com
Sent: Friday, January 10, 2003 8:58 PM
To: misc_(_at_)_openbsd_(_dot_)_org
Subject: disable icmp in OpenBSD 3.2 ?


Im looking to do this without pf / ipf though (and you thought this
would 
be easy?)


equiv in linux is    "echo 1 >> /proc/sys/net/ipv4/icmp_echo_ignore_all"


thx for your help ;)

~phmiller

References:
- disable icmp in OpenBSD 3.2 ?
  - From: Philip . Miller

Prev by Date: disable icmp in OpenBSD 3.2 ?
Next by Date: Re: i2o / Intelligent IO
Previous by thread: disable icmp in OpenBSD 3.2 ?
Next by thread: Re: disable icmp in OpenBSD 3.2 ?
Index(es):
- Date
- Thread

Visit your host, monkey.org