Date: Mon, 21 Jun 1999 22:35:39 -0700
From: Dean <dean@thegrid.net>
To: freebsd-security@FreeBSD.ORG
Subject: Re: ip firewall and icmp/dos.
Message-ID: <4.1.19990621221636.0091fac0@mail.thegrid.net>
In-Reply-To: <Pine.GSO.3.96.990621170528.25624A-100000@borneo>
References: <376E9ECA.F30CC3FC@telebot.net>

You can find the rfc for icmp at http://www.faqs.org/rfcs/rfc792.html.

To get down to business, here's my ipfw line for icmp.

    allow icmp from any to any in icmptype 0,3,4,11,12,14,16

So, coming in, I allow Echo Reply, Destination Unreachable, Source Quench, Time Exceeded, Parameter Problem, Timestamp Reply, and Information Reply. Everything else should be blocked. I allow anything out past my firewall. For more opinions on this, dredge through the security mailing list archives at http://www.FreeBSD.org.

As far as the other DoS's go, you should not allow anything you don't explicitly need. There are many types of DoS's available to the modern script kiddie.... Many of them do not rely on weakness in protocols. (feeding a 1024 username to an ftp server) Anyway, read up on the bugtraq mailing list. (http://www.geek-girl.com/bugtraq)

Dean

At 05:05 PM 6/21/99 -0400, you wrote:
>man ipmon
>
>---------------------------------------------
>Pete Fritchman petef@netreach.net
>Netreach www.netreach.net
>System Administrator
>
>On Mon, 21 Jun 1999, Jason L. Schwab wrote:
>
>>
>> Could someone please give me an example as to what lines I should add
>> to my ruleset
>> to keep from being Denial Of Service attacked and/or ICMP'd? Thanks. I
>> have IPFIREWALL and IPFIREWALL_VERBOSE as options in my kernel. and I
>> have the firewall_type set to "open" for
>> right now.
>>
>> Also, I know that the IPFIREWALL_VERBOSE turns on logging, how can I
>> see what it logs?
>>
>> -- thanks
>>
>>
>> _____________________________________________________________________________
>> World's First Provider of FREE 800# U.S. Toll Free Voicemail to Email Service
>> Get your own FREE voicemail, fax and Paging account at http://www.telebot.com
>>
>>
>> To Unsubscribe: send mail to majordomo@FreeBSD.org
>> with "unsubscribe freebsd-security" in the body of the message

-------------------------------------------------------------------------------
A train stops at a train station, a bus stops at a bus station.
On my desk, I have a workstation....
-------------------------------------------------------------------------------
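
Added example (not part of the message above or of the list archive): a small evaluator that parses an inbound IPv4 packet, locates the ICMP type and applies the allowlist from the ipfw rule quoted in the message, to show which RFC 792 messages that rule admits and which fall under "everything else". The function names, the sample packets, the documentation addresses and the handling of truncated packets are assumptions of this example.

```python
import struct

# Inbound allowlist copied from the ipfw rule in the message above.
ALLOWED_IN = {0, 3, 4, 11, 12, 14, 16}
# Message names from RFC 792.
RFC792 = {0: "Echo Reply", 3: "Destination Unreachable", 4: "Source Quench",
          5: "Redirect", 8: "Echo", 11: "Time Exceeded",
          12: "Parameter Problem", 13: "Timestamp", 14: "Timestamp Reply",
          15: "Information Request", 16: "Information Reply"}


def inet_checksum(data: bytes) -> int:
    """16-bit one's-complement checksum used by IPv4 and ICMP headers."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def sample_packet(icmp_type: int, proto: int = 1) -> bytes:
    """Constructed IPv4 packet (documentation addresses) with an 8-byte payload."""
    body = struct.pack("!BBHI", icmp_type, 0, 0, 0)
    body = body[:2] + struct.pack("!H", inet_checksum(body)) + body[4:]
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(body), 0, 0, 64, proto,
                     0, bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))
    return ip[:10] + struct.pack("!H", inet_checksum(ip)) + ip[12:] + body


def inbound_verdict(packet: bytes) -> tuple:
    """Apply the allowlist to one inbound packet: (verdict, reason)."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "no-match", "not an IPv4 packet"
    ihl = (packet[0] & 0x0F) * 4  # header length; IP options shift the ICMP type
    if packet[9] != 1:
        return "no-match", "protocol is not ICMP, other rules decide"
    if ihl < 20 or len(packet) < ihl + 8:
        return "deny", "truncated ICMP header (this example's choice)"
    icmp_type = packet[ihl]
    name = RFC792.get(icmp_type, "not defined in RFC 792")
    verdict = "allow" if icmp_type in ALLOWED_IN else "deny"
    return verdict, f"type {icmp_type}: {name}"


if __name__ == "__main__":
    for t in (0, 3, 5, 8, 13, 17):
        print(inbound_verdict(sample_packet(t)))
```

Type 8 (Echo) is not in the list, so inbound echo requests are denied, while type 0 replies to the host's own outbound pings are admitted.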