Mikkel L. Ellertson wrote:
> You can set your machine so it doesn't respond to traceroute by
> blocking incomming traceroute.
You can't block "incoming traceroute", other than by blocking all
incoming UDP packets.
You can, however, block the outgoing replies.
> What you will want to block is outgoing ICMP
> packets types 3 and 11.
You definitely don't want to block ICMP type 3, outgoing or otherwise,
unless you don't mind TCP not working any more (which would largely
defeat the point of having a network connection in the first place).
You shouldn't really block ICMP type 11, either, although it won't
actually matter (other than traceroute not working) unless there are
other problems (i.e. a routing loop).
--
Glynn Clements <[EMAIL PROTECTED]>
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
