1 |
Tobias Klausmann wrote: |
2 |
> On Tue, 07 Feb 2006, Francois Toussenel wrote: |
3 |
>> (I would add that one might want to never respond to pings, for |
4 |
>> instance, so starting iptables between net.eth0 and services seems not |
5 |
>> enough.) |
6 |
> |
7 |
> Why (outside of s specific attack in that area) would one *not* |
8 |
> respond to pings? Outside from a specific attack in that area |
9 |
> happening, I see no reason to do so. |
10 |
|
11 |
Everyone knows, that only stealthed hosts are secure. To archive this, |
12 |
you have to block not only icmp but also arp. ;-) |
13 |
|
14 |
Regards |
15 |
Oli |
16 |
-- |
17 |
gentoo-security@g.o mailing list |