Thanks, guys (and dolls).
I got good descriptions of the workings of
traceroute from several of you.
My biggest surprise in blocking ICMP
was that Linux appears to succeed in its
traceroute even though the packets never
reach their destination (reject).
Stupid little thing, that... :)
Changing to DROP fixed that, though.
Cheers,
Anders :)
-----Original Message-----
From: Oliver Viitamaki [mailto:[EMAIL PROTECTED]]
Sent: 30. november 2000 15:57
To: Reed Mohn, Anders
Subject: RE: [FW1] Off-topic (somewhat): How does traceroute work, anyway?
Just one more thing, that I thought about on the way home last night that I
had forgotten to mention.... many of the programs that craft packets do
not use the machine's IP stack. Therefore they do not respond to a Reset
packet. If they get any response at all, naturally depending on the
program, they continue on their way, some keep right on running, even when
there is no response.
So... what I'm getting at is if you envision using a Reset to kill off an
intruder, it may not work unless a Reset is sent in the direction of the
source and destination, more than one may be necessary, and the sequence
number has to be correct as well.
Just an additional 2 cents (Canadian) worth..
ov
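
The sequence-number and both-directions points in the message above, worked through as an added example (not part of the original thread). It models how a receiving TCP stack judges a bare RST under the RFC 793 window test and the stricter RFC 5961 exact-match rule; the function names and the connection-state values are constructed for illustration.

```python
MOD = 2 ** 32  # TCP sequence numbers wrap at 32 bits


def in_window(seq, rcv_nxt, rcv_wnd):
    """RFC 793 acceptability test for a zero-length segment such as a bare RST."""
    if rcv_wnd == 0:
        return seq == rcv_nxt
    # Modular distance handles wrap-around past 2**32.
    return (seq - rcv_nxt) % MOD < rcv_wnd


def classify_rst(seq, rcv_nxt, rcv_wnd, rfc5961=True):
    """What a receiver in a synchronized state does with an incoming RST."""
    if not in_window(seq, rcv_nxt, rcv_wnd):
        return "discard"            # wrong sequence number: connection survives
    if rfc5961 and seq != rcv_nxt:
        return "challenge_ack"      # in window but not exact: receiver asks the peer
    return "reset"                  # connection is torn down


def firewall_resets(conn):
    """Sequence numbers a stateful firewall needs to reset BOTH endpoints.

    conn is a hypothetical state-table entry holding the next sequence
    number each side is about to send, which is what its peer expects.
    """
    return {
        "to_server": conn["client_snd_nxt"],  # sent on the client's behalf
        "to_client": conn["server_snd_nxt"],  # sent on the server's behalf
    }


if __name__ == "__main__":
    # Constructed connection state, client side close to the 32-bit wrap.
    conn = {"client_snd_nxt": 4294967000, "server_snd_nxt": 1000}
    rst = firewall_resets(conn)
    print("server:", classify_rst(rst["to_server"], 4294967000, 65535))
    print("client:", classify_rst(rst["to_client"], 1000, 65535))
    # A reset built from a stale sequence number is silently ignored.
    print("stale :", classify_rst(4294966999, 4294967000, 65535))
```
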