Re: Path MTU (was: RE:)

To: Ansgar -59cobalt- Wiechers <lists@planetcobalt.net>, debian-firewall@lists.debian.org
Subject: Re: Path MTU (was: RE:)
From: Mike Mestnik <cheako911@yahoo.com>
Date: Fri, 21 Jan 2005 14:19:26 -0800 (PST)
Message-id: <20050121221926.2274.qmail@web30506.mail.mud.yahoo.com>
In-reply-to: <20050119163025.B20026@planetcobalt.net>

--- Ansgar -59cobalt- Wiechers <lists@planetcobalt.net> wrote:

> On 2005-01-18 Phil Dyer wrote:
> > Mike Mestnik wrote:
> >> 1. Pings to bracast addresses(like 209.98.255.255), these can easily
> >> generate hundreds of replys(pongs) AND be targeted at any host on the
> >> net.
> > 
> > Or better yet. Drop all broadcast traffic. Ingres, egres, tcp, udp,
> > whatever. When it hits your border. Drop.
> > 
> >> 1a. Pings not originating fron it's own revers route, coming from
> >> somwhere other then where the pong would be routed.
> > 
> > Also applies to more than icmp. Wrong interface? -- drop.
> 
> REJECT, not DROP.
> 
This would be a nice feature for routers/fierwalls, to be ableto send
responces back to the MAC(ethernet) address from which the original packet
came from.

> Regards
> Ansgar Wiechers
> -- 
> "Those who would give up liberty for a little temporary safety
> deserve neither liberty nor safety, and will lose both."
> --Benjamin Franklin
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-firewall-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
> 
> 



		
__________________________________ 
Do you Yahoo!? 
The all-new My Yahoo! - What will yours do?
http://my.yahoo.com

Reply to:

References:
- Re: Path MTU (was: RE:)
  - From: Ansgar -59cobalt- Wiechers <lists@planetcobalt.net>

Prev by Date: Re: Path MTU (was: RE:)
Next by Date: Re: Path MTU (was: RE:)
Previous by thread: Re: Path MTU (was: RE:)
Next by thread: Re: Path MTU (was: RE:)
Index(es):
- Date
- Thread