Date: Sat, 12 Jun 1999 11:44:04 -0600 From: Nate Williams <nate@mt.sri.com> To: sporkl@ix.netcom.com Cc: Nate Williams <nate@mt.sri.com>, Pete Fritchman <petef@netreach.net>, Ruslan Ermilov <ru@ucb.crimea.ua>, "Jason L. Schwab" <jschwab@royal.net>, ghandi@mindless.com, freebsd-security@FreeBSD.ORG Subject: Re: firewalls Message-ID: <199906121744.LAA24411@mt.sri.com> In-Reply-To: <Pine.BSF.4.05.9906121112550.6023-100000@pigstuy.penguinpowered.com> References: <199906120353.VAA23229@mt.sri.com> <Pine.BSF.4.05.9906121112550.6023-100000@pigstuy.penguinpowered.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> > [ blocking all ICMP packets ] > > > I did it before and it worked fine. > > > > It will affect people trying to connect to you though. *DON'T* firewall > > something unless you know the effects of it. Blocking all ICMP is a > > violation of RFC, and shows that you don't understand how TCP/IP works. > > > > *MOST* of the ICMP types can be blocked, but not all of them. > > Which are appropriate to block? There was a URL posted in the original response that explains most of this. Nate To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199906121744.LAA24411>