so then firewall totally helpless to DoS attack?
that sounds really bad
there must be some way around this
such as all packets are encrypted to u and are ignored by default
On Thu, 7 Jun 2001, patrick kerry wrote:
> There is no mechanism to stop a DOS attack on the fire
> box. Actually on most firewalls a true DOS attack is
> impossible to stop. Have your Firewall admin allow
> the ICMP packets inbound from only that mail server
> (host). I doubt if your ISP will launch a DOS attack
> against you, even if they did you would be helpless
> against it.
> --- Barry George <[EMAIL PROTECTED]> wrote:
> > Hi All,
> >
> > We have a Firebox II setup stopping most of what we
> > don't want.
> > Everything has been running nicely, then our city
> > run ISP installed a
> > new mail server. We found that mail from its domain
> > was being slowed
> > down or blocked. On inspection to turns out that our
> > firewall was being
> > hit constantly my there mail server destined for our
> > mail server. Seems
> > they are sending ICMP packets for PMTU discovery, so
> > the Firebox sees
> > these ICMP packets as a possible DoS attack and
> > locks out the
> > domain.Seems the frequency has increased to several
> > packets per second
> > at worst.
> > The ISP says they are just following standard
> > RFC1191 protocols, but
> > something has to have changed as we haven't had this
> > problem before.
> >
> > If we let these through to our mail server are we
> > opening ourselves up
> > to attack? Sorry I don't directly configure the
> > Firebox myself so I'm
> > not sure what config. capabilities it has. I'd
> > appreciate any discussion
> > on this.
> >
> > Barry
> >
>
>
> __________________________________________________
> Do You Yahoo!?
> Get personalized email addresses from Yahoo! Mail - only $35
> a year! http://personal.mail.yahoo.com/
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
[EMAIL PROTECTED]
"Blessed are those who have not seen and yet have faith." - John 20:29
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
