Date: Tue, 22 Jun 1999 07:06:52 -0400 (EDT) From: mwlucas@exceptionet.com To: madrapour@hotmail.com (N.N.M) Cc: freebsd-security@FreeBSD.ORG Subject: Re: Question: Preventing Smurf Message-ID: <199906221106.HAA02940@easeway.com> In-Reply-To: <19990622073945.98174.qmail@hotmail.com> from "N.N.M" at "Jun 22, 99 00:39:43 am"
next in thread | previous in thread | raw e-mail | index | archive | help
To test if it works, ping your subnet's broadcast address (i.e., a.b.c.255). If you're not sure of the broadcast, an ifconfig -a will give it to you. The machine won't respond to a broadcast ping. This will prevent you from being a smurf relay. A more effective method would be to block broadcast pings at the router to your network. Check your router's documentation or mfg. web site for exact instructions. Regards, ==ml > > Hi, > > Is it enough to do "sysctl -w net.inet.icmp.bmcastecho=0" to prevent being > Smurf Intermediary? And if so, how can I check it to get sure if it is ok? > I did the above change, but my freebsd box still responses to ping (from a > pc on the same Ehternet) to broadcast address. Is it normal? > > thanks, > Nazila M. > > > ______________________________________________________ > Get Your Private, Free Email at http://www.hotmail.com > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > -- Michael Lucas | Exceptionet, Inc. | www.exceptionet.com "Exceptional Networking" | To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199906221106.HAA02940>