1 |
Am Donnerstag, 8. Januar 2004 17:06 schrieb mir Ryan Voots: |
2 |
> On Thu, 8 Jan 2004 16:17:49 +0100 |
3 |
> |
4 |
> "Oliver Schad" <o.schad@×××.de> Add to Address Book wrote: |
5 |
> > Probably you think ICMP is dangerous too. There are a lot of brain |
6 |
> > dead admins who blocks ICMP packets and they wonder why connections |
7 |
> > to some websites are broken or if they administrate the packet filter |
8 |
> > before a webserver they wonder why some user grouches they wouldn't |
9 |
> > get a connection to the web server. |
10 |
> |
11 |
> thats one reason i don't block it, some services and things use it to |
12 |
> look for hosts that are up, what i wish i could do is some type of |
13 |
> limit where it would only send replies to them at a certain rate, just |
14 |
> so that a ping -f on 12 machines to my machine wouldn't cause a huge |
15 |
> bandwidth surge from my machine. |
16 |
|
17 |
A limit is a good way to protect from DDOS. |
18 |
|
19 |
mfg |
20 |
Oli |
21 |
|
22 |
-- |
23 |
gentoo-security@g.o mailing list |