Hi,

I don't know what Firebox is, but I've got '1' in
/proc/sys/net/ipv4/icmp_echo_ignore_all, which is interpreted by the kernel like any
other port attempt. And so, no reply. It's the first thing I set on
all my new Linux boxes on the Internet.
This voids `ping -s 65635 victim.com`, for example.

gilles

Barry George ([EMAIL PROTECTED]) wrote:
> Hi All,
>
> We have a Firebox II setup stopping most of what we don't want.
> Everything has been running nicely, then our city-run ISP installed a
> new mail server. We found that mail from its domain was being slowed
> down or blocked. On inspection it turns out that our firewall was being
> hit constantly by their mail server destined for our mail server. Seems
> they are sending ICMP packets for PMTU discovery, so the Firebox sees
> these ICMP packets as a possible DoS attack and locks out the
> domain. Seems the frequency has increased to several packets per second
> at worst.
> The ISP says they are just following standard RFC 1191 protocols, but
> something has to have changed as we haven't had this problem before.
>
> If we let these through to our mail server are we opening ourselves up
> to attack? Sorry, I don't directly configure the Firebox myself so I'm
> not sure what config. capabilities it has. I'd appreciate any discussion
> on this.
>
> Barry

-- 
<Cpicyfab> And UNIX, how does it work?
<Cpicyfab> Like MS-DOS?
<Cpicyfab> Sorry
<Cpicyfab> Like PCs?

                                                 - #linuxfr
--- gpg key:http://bermudos.free.fr/.key/pubring.asc
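The distinction this thread turns on, as an added example that is not code from either poster: a border filter can ignore ICMP echo requests, as `icmp_echo_ignore_all=1` does on Linux, and still deliver the RFC 1191 "fragmentation needed" messages (type 3, code 4) that the ISP's mail server is sending, so PMTU discovery keeps working. The sample messages are constructed here; `classify_icmp` and `build_icmp` are hypothetical names.

```python
import struct

# ICMP type/code values from RFC 792 and RFC 1191.
ICMP_ECHO_REPLY = 0
ICMP_DEST_UNREACH = 3
ICMP_FRAG_NEEDED = 4        # code under type 3: fragmentation needed and DF set
ICMP_ECHO_REQUEST = 8


def icmp_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum over the whole ICMP message."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def classify_icmp(msg: bytes, ignore_echo: bool = True) -> dict:
    """Parse one ICMP message and decide whether a border filter should pass it.

    Echo requests may be ignored (the icmp_echo_ignore_all behaviour), but
    type 3/code 4 must be delivered to the host or PMTU discovery breaks.
    """
    if len(msg) < 8:
        return {"action": "drop", "reason": "truncated ICMP header"}
    icmp_type, code, _cksum = struct.unpack("!BBH", msg[:4])
    if icmp_checksum(msg) != 0:  # a valid message sums to zero with its checksum in place
        return {"action": "drop", "reason": "bad checksum"}
    if icmp_type == ICMP_DEST_UNREACH and code == ICMP_FRAG_NEEDED:
        next_hop_mtu = struct.unpack("!H", msg[6:8])[0]  # RFC 1191 next-hop MTU field
        return {"action": "accept", "reason": "PMTUD (RFC 1191)", "mtu": next_hop_mtu}
    if icmp_type == ICMP_ECHO_REQUEST:
        return {"action": "drop" if ignore_echo else "accept", "reason": "echo request"}
    if icmp_type == ICMP_ECHO_REPLY:
        return {"action": "accept", "reason": "echo reply"}
    return {"action": "drop", "reason": "type %d/code %d not allowed" % (icmp_type, code)}


def build_icmp(icmp_type: int, code: int, rest: bytes, payload: bytes = b"") -> bytes:
    """Build an ICMP message with a correct checksum (constructed input only)."""
    hdr = struct.pack("!BBH", icmp_type, code, 0) + rest
    cksum = icmp_checksum(hdr + payload)
    return struct.pack("!BBH", icmp_type, code, cksum) + rest + payload


# Constructed samples: "fragmentation needed, next-hop MTU 1400" carrying the
# first 28 bytes of the offending datagram, and a plain echo request.
FRAG_NEEDED = build_icmp(ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, struct.pack("!HH", 0, 1400), b"\x45" * 28)
ECHO_REQUEST = build_icmp(ICMP_ECHO_REQUEST, 0, struct.pack("!HH", 0x1234, 1), b"ping")
```

Run `classify_icmp(FRAG_NEEDED)` to see the accept decision with the recovered MTU, and `classify_icmp(ECHO_REQUEST)` to see the echo request dropped.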