Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-security

From: Mark Hurst <mark@××××××.net>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] firewall suggestions?
Date: Fri, 09 Jan 2004 06:38:44
Message-Id: 20040109173651.1e988b97.mark@gumrak.net
In Reply to: Re: [gentoo-security] firewall suggestions? by Oliver Schad
1 > Probably you think ICMP is dangerous too. There are a lot of brain dead
2 > admins who blocks ICMP packets and they wonder why connections to some
3 > websites are broken or if they administrate the packet filter before a
4 > webserver they wonder why some user grouches they wouldn't get a
5 > connection to the web server.
6
7 Ever heard of Smurf or Loki?
8
9 If you allow all ICMP in you are indeed a brain-dead admin, in my opinion.
10 Sure, host unreachable, DF should be allowed in, but why should an
11 external host be able to send timestamp or subnet requests?
12
13 --
14 gentoo-security@g.o mailing list

Replies

Subject Author
Re: [gentoo-security] firewall suggestions? Oliver Schad <o.schad@×××.de>
Re: [gentoo-security] firewall suggestions? Alexander Schreiber <als@××××××××××××.de>
Report Message
Find on MARC Find on Google Groups