Re: pingd >> Should it be ported on Debian??
Robert Davies wrote:
> I'd say it's not worth doing because, TCP wrappers really is designed for
> authorising connections, and with ICMP you do not have a TCP connection
> between Source IP/port and Destination IP/port, so you cannot use ident or
> similar. It sounds a broken idea, you don't use wrappers for authorisation
> of UDP protocols for instance, without the 3-way handshake there's no
> defense against packets with spoofed source addresses.
>
> But perhaps this daemon is actually providing a different service,
> allowing test of inetd and higher levels of stack (not unknown for a machine
> to respond to ping, even if it's hung). Even then I'm not sure what value
> it has, as if you run a web server for instance, your best check that it's
> up and available, is to use expect(1) and telnet onto port 80.
>
> Rob
>
I beleive that the author wrote this deamon to be resistant to ping floods and
buffer overflows and whatever other ICMP exploit there is. It probly would be
better to re-write the ICMP core of the kernel to be more deffensive against
these issues. I would gladly do it, but I'm afraid that I'm a code compiler and
not a code writer. Thats why I was hoping this "pingd" deamon could do it for
me.
Thanks, it makes more sense to use the TCP wrappers for managing
connection-orientated protocols. I completely forgot about filtering ICMP on my
host with the use of NetFilter.
Time to read more documentation....
Stef
Reply to: