Date: Tue, 22 Jun 1999 10:29:12 -0600 (MDT)
From: Nick Rogness <nick@rapidnet.com>
To: "N.N.M" <madrapour@hotmail.com>
Cc: mwlucas@exceptionet.com, freebsd-security@FreeBSD.ORG
Subject: Re: Question: Preventing Smurf
Message-ID: <Pine.BSF.4.05.9906221024310.61463-100000@rapidnet.com>
In-Reply-To: <19990622120038.735.qmail@hotmail.com>

On Tue, 22 Jun 1999, N.N.M wrote:

> Thanks for your reply. That is the point: I disable net.inet.icmp.bmcastecho
> (=0) on a freebsd box with the IP, i.e. x.x.11.18. But when I use broadcast
> ping (ping x.x.11.255) on another pc (i.e. x.x.11.17) on the same Ethernet,
> the first machine which is not supposed to reply to the ping, will reply! So
> I thought I might need another thing to disable that or maybe using
> broadcast ping on the same Ethernet isn't a good way to test it or ......
> Any idea?

    # Deny icmp packets from hitting broadcast
    ipfw add 3000 deny log icmp from any to x.x.11.255/32 in via de0

>
> Nazila M.
>
>
> >From: mwlucas@exceptionet.com
> >To: madrapour@hotmail.com (N.N.M)
> >CC: freebsd-security@FreeBSD.ORG
> >Subject: Re: Question: Preventing Smurf
> >Date: Tue, 22 Jun 1999 07:06:52 -0400 (EDT)
> >MIME-Version: 1.0
> >From mwlucas@easeway.com Tue Jun 22 11:18:15 1999
> >Received: (from mwlucas@localhost)by easeway.com (8.8.8/8.8.5) id
> >HAA02940;Tue, 22 Jun 1999 07:06:56 -0400 (EDT)
> >Message-Id: <199906221106.HAA02940@easeway.com>
> >In-Reply-To: <19990622073945.98174.qmail@hotmail.com> from "N.N.M" at "Jun
> >22, 99 00:39:43 am"
> >X-Mailer: ELM [version 2.4ME+ PL32 (25)]
> >
> >To test if it works, ping your subnet's broadcast address (i.e.,
> >a.b.c.255). If you're not sure of the broadcast, an ifconfig -a will give
> >it to you.
> >
> >The machine won't respond to a broadcast ping. This will prevent you from
> >being a smurf relay.
> >
> >A more effective method would be to block broadcast pings at the router to
> >your network. Check your router's documentation or mfg. web site for
> >exact instructions.
> >
> >Regards,
> >==ml
> >
> >
> > >
> > > Hi,
> > >
> > > Is it enough to do "sysctl -w net.inet.icmp.bmcastecho=0" to prevent being
> > > Smurf Intermediary? And if so, how can I check it to get sure if it is ok?
> > > I did the above change, but my freebsd box still responds to ping (from a
> > > pc on the same Ethernet) to broadcast address. Is it normal?
> > >
> > > thanks,
> > > Nazila M.
> > >
> > >
> > > ______________________________________________________
> > > Get Your Private, Free Email at http://www.hotmail.com
> > >
> > >
> > > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > > with "unsubscribe freebsd-security" in the body of the message
> > >
> >
> >
> >--
> >Michael Lucas            |
> >Exceptionet, Inc.        | www.exceptionet.com
> >"Exceptional Networking" |
> >
>
>
> ______________________________________________________
> Get Your Private, Free Email at http://www.hotmail.com
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>

*******************************************************************
  Nick Rogness            "Never settle with words what
  System Administrator     can be accomplished with a
  RapidNet, INC            flame-thrower"
  nick@rapidnet.com
*******************************************************************

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
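
Added example, not part of the original message or thread: a shell function that reads `ifconfig -a` output (where the thread says the broadcast address can be found) and prints one deny rule per directed-broadcast address, in the same form as the rule in the reply. The sample `ifconfig` text, the documentation addresses, the second interface `de1`, the step of 10 between rule numbers and the function names are assumptions made for the example.

```sh
#!/bin/sh
# Constructed sample in the FreeBSD `ifconfig -a` layout (documentation
# address ranges; de1 and its /26 netmask are made up for the example).
SAMPLE_IFCONFIG='de0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 192.0.2.18 netmask 0xffffff00 broadcast 192.0.2.255
        ether 00:00:5e:00:53:01
de1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 198.51.100.70 netmask 0xffffffc0 broadcast 198.51.100.127
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet 127.0.0.1 netmask 0xff000000'

# broadcast_rules FIRST_RULE_NUMBER
# Reads ifconfig output on stdin. For every inet line that carries a
# "broadcast" field, prints a rule denying ICMP to that address on the
# interface it belongs to. Interfaces without a broadcast address
# (loopback, point-to-point) produce no rule.
broadcast_rules() {
    awk -v n="$1" '
        # Interface header line, e.g. "de0: flags=..."
        /^[a-z0-9]+: / { ifname = $1; sub(/:$/, "", ifname); next }
        $1 == "inet" {
            for (i = 2; i < NF; i++)
                if ($i == "broadcast") {
                    printf "ipfw add %d deny log icmp from any to %s/32 in via %s\n", n, $(i + 1), ifname
                    n += 10   # assumed spacing between rule numbers
                }
        }'
}

# bmcastecho_state
# Prints the current value of the sysctl discussed in the thread, or
# "unknown" on a system that does not have it.
bmcastecho_state() {
    sysctl -n net.inet.icmp.bmcastecho 2>/dev/null || echo unknown
}

# Stand-alone run over the constructed sample. On a real host, pipe
# `ifconfig -a` into broadcast_rules and review the rules before loading.
echo "net.inet.icmp.bmcastecho: $(bmcastecho_state)"
printf '%s\n' "$SAMPLE_IFCONFIG" | broadcast_rules 3000
```

The `de1` case shows why the address should come from `ifconfig` rather than from assuming `.255`: on a /26 the directed broadcast is `.127`.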