Date: Fri, 17 Nov 2000 14:29:04 -0800 From: Alfred Perlstein <bright@wintelcom.net> To: Jesper Skriver <jesper@skriver.dk> Cc: hackers@FreeBSD.ORG Subject: Re: React to ICMP administratively prohibited ? Message-ID: <20001117142904.T18037@fw.wintelcom.net> In-Reply-To: <20001117211013.C9227@skriver.dk>; from jesper@skriver.dk on Fri, Nov 17, 2000 at 09:10:13PM %2B0100 References: <20001117211013.C9227@skriver.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
* Jesper Skriver <jesper@skriver.dk> [001117 12:11] wrote: [snip] > > This timeout could be avoided if the sending mail server reacted to the > 'ICMP administratively prohibited' they got from our router. [snip] > > $ telnet nemo.dyndns.dk 25 > Trying 193.89.247.125... > telnet: Unable to connect to remote host: No route to host > $ uname -a > Linux xyz.dk 2.0.32 #1 Wed Nov 19 00:46:45 EST 1997 i586 unknown > > Wouldn't it be a idea to implement a similar behaviour in FreeBSD ? Probably not, what if one started a stream of spoofed ICMP lying about the state of the route between the two machines? I have the impression that the Linux box wouldn't be able to connect because of this behavior. -- -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org] "I have the heart of a child; I keep it in a jar on my desk." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001117142904.T18037>