On Mon, Nov 29, 1999 at 09:42:28AM +0200, Samuli Kaski wrote:
> On Sun, 28 Nov 1999, Glynn Clements wrote:
> > Laurent SEROR wrote:
> > > Is there a simple way to stop all icmp ????
> > 3. The attacker can always flood you with some other type of packet,
> > e.g. TCP SYN packets. I presume that these would use more resources
> > than an ICMP echo request.
Ping packets can be loaded with huge payloads. Syn packets cannot
(unless you are talking about that $#@$#@ ttcp junk - single packet with
SYN + data + FIN).
> And correct me if I'm wrong but filtering at the destination of the attack
> makes little sense. You will have to filter one or more hops uplink, talk
> to your ISP.
You would cut down on half the traffic (the reply). :-)
Mike
--
Michael H. Warfield | (770) 985-6132 | [EMAIL PROTECTED]
(The Mad Wizard) | (770) 331-2437 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
