Best way to filter "Nachi pings"?
Francis A. Vidal
francisv-sender-21ebc3 at irc.dagupan.com
Mon Oct 27 00:22:30 PST 2003
It's also dependent on ICMP time exceeded.
-----Original Message-----
From: Colin Percival [mailto:colin.percival at wadham.ox.ac.uk]
Sent: Monday, October 27, 2003 4:11 PM
To: Francis A. Vidal; freebsd-security at freebsd.org
Subject: RE: Best way to filter "Nachi pings"?
At 16:06 27/10/2003 +0800, Francis A. Vidal wrote:
>Wouldn't it break stuff like traceroute?
Traceroute is fine -- it uses UDP packets. Tracert, on the other hand,
uses ICMP echo request packets, and it suffers. I'm currently on a
university network, and when there are connectivity issues (which seems to
be quite often) I get very annoyed with the ICMP filtering.
Colin Percival
More information about the freebsd-security
mailing list