Re: ICMP Redirect on Resolvers

2013-04-07 Thread Owen DeLong
On Apr 7, 2013, at 18:47 , valdis.kletni...@vt.edu wrote: > On Sun, 07 Apr 2013 12:25:30 -0700, Owen DeLong said: > >>> Presumably nothing, as long as you guaranteed that your IP address, netmask, >>> and routes actually match the reality of your network configuration. > >> They also cover the

Re: ICMP Redirect on Resolvers

2013-04-07 Thread Valdis . Kletnieks
On Sun, 07 Apr 2013 12:25:30 -0700, Owen DeLong said: > > Presumably nothing, as long as you guaranteed that your IP address, netmask, > > and routes actually match the reality of your network configuration. > They also cover the case where there are two (or more) routers on the > network and you

Re: ICMP Redirect on Resolvers

2013-04-07 Thread Owen DeLong
On Apr 6, 2013, at 16:03 , valdis.kletni...@vt.edu wrote: > On Sat, 06 Apr 2013 10:38:06 -0400, shawn wilson said: > >> What would break if u dropped all ICMP packets with redirects on public >> facing boxes? > > Presumably nothing, as long as you guaranteed that your IP address, netmask, > and

Re: ICMP Redirect on Resolvers

2013-04-06 Thread Jimmy Hess
On 4/6/13, valdis.kletni...@vt.edu wrote: > On Sat, 06 Apr 2013 10:38:06 -0400, shawn wilson said: case, you shouldn't see any valid ICMP redirects. They're there mostly so > things kind-of-sort-of work even if you botch it (so for instance, even if > you whiff your default route accidentally,

Re: ICMP Redirect on Resolvers

2013-04-06 Thread Valdis . Kletnieks
On Sat, 06 Apr 2013 10:38:06 -0400, shawn wilson said: > What would break if u dropped all ICMP packets with redirects on public > facing boxes? Presumably nothing, as long as you guaranteed that your IP address, netmask, and routes actually match the reality of your network configuration. In th

Re: ICMP Redirect on Resolvers

2013-04-06 Thread shawn wilson
On Apr 6, 2013 3:13 AM, "Jimmy Hess" wrote: > > Failing all that, if the LANs are large, and a large number of ICMP > redirects would occur, it may be preferable to turn ICMP redirects > off for those LANs on their routers > What would break if u dropped all ICMP packets with redirects on publ

Re: ICMP Redirect on Resolvers

2013-04-06 Thread Jimmy Hess
On 4/6/13, Keith Medcalf wrote: > Although spoofed ICMP redirects might also be abused to intercept/quietly sniff traffic on a switched LAN; The default gateway responding with a redirect in that situation is the normal case where you expect to receive an ICMP redirect. ; in that particular case

RE: ICMP Redirect on Resolvers

2013-04-05 Thread Keith Medcalf
> icmp redirect from 192.168.140.36: 192.168.179.80 => 192.168.140.254 The host attempted to send a packet to 192.168.179.80 via 192.168.140.36. 192.168.140.36 forwarded the packet to 192.168.140.254 according to its routing table, but is advising you (and the kernel has added to the routing t

Re: ICMP Redirect on Resolvers

2013-04-05 Thread Tony Finch
On 6 Apr 2013, at 06:36, Shahab Vahabzadeh wrote: > I have two DNS Servers (resolver) running on FreeBSD 9.0, I always see in > console messages like this: > > icmp redirect from 192.168.140.36: 192.168.179.80 => 192.168.140.254 You probably configured the wrong default router address or netmask