On Tue, 3 Oct 2000, Ejvind Kristian wrote:
> If you've got a solaris fw-1, add
>
> ndd -set /dev/ip ip_forward_directed_broadcasts
> ndd -set /dev/ip ip_respond_to_address_mask_broadcast
>
> to your startup scripts.
I'm afraid your syntax is not complete. You need to add a
zero to disable these functions (or a 1 to enable). The
proper syntax is as follows:
### Set kernel parameters for /dev/ip
ndd -set /dev/ip ip_respond_to_echo_broadcast 0
ndd -set /dev/ip ip_forward_directed_broadcasts 0
ndd -set /dev/ip ip_respond_to_address_mask_broadcast 0
ndd -set /dev/ip ip_respond_to_timestamp 0
ndd -set /dev/ip ip_respond_to_timestamp_broadcast 0
ndd -set /dev/ip ip_forward_src_routed 0
ndd -set /dev/ip ip_ignore_redirect 1
Website with more info on Smurf attacks:
http://www.pentics.net/denial-of-service/white-papers/smurf.cgi
lance
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
