Date:      Wed, 16 Apr 2003 10:58:20 -0700 (PDT)
From:      John Polstra <jdp@polstra.com>
To:        mobile@freebsd.org
Subject:   Re: "broadcast ping" message
Message-ID:  <200304161758.h3GHwK8Y080748@strings.polstra.com>
In-Reply-To: <20030416105033.H46401-100000@moo.sysabend.org>
References:  <20030416105033.H46401-100000@moo.sysabend.org>

In article <20030416105033.H46401-100000@moo.sysabend.org>,
Jamie Bowden  <ragnar@sysabend.org> wrote:
> On Wed, 16 Apr 2003, John Polstra wrote:
> 
> > To make a FreeBSD system respond to broadcast pings, you have to set
> > the sysctl variable net.inet.icmp.bmcastecho to 1.
> 
> Shouldn't the default be to DTRT and respond unless disabled?  Until now,
> the only systems on my network that didn't respond to broadcast pings were
> my Windows boxes, but I consider them broken by default.  Why has the
> default behavior changed, and isn't this a POLA issue?

It was changed for security reasons.  Responding to broadcast pings
creates several potential denial of service attacks.

John
-- 
  John Polstra
  John D. Polstra & Co., Inc.                        Seattle, Washington USA
  "Disappointment is a good sign of basic intelligence."  -- Chögyam Trungpa



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200304161758.h3GHwK8Y080748>