Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Re: [Full-Disclosure] ICMP - Today India, Samoa, and Iran are in the tank - back to orginal thread DDoS, or No DDoS?
Date: Mon Oct 18 2004 - 13:38:15 CDT
Today Iran (Terhan), India (Bangalore) and Samoa are dragging
the Asian index down.
how you determine if its' DoS on these routers, or not? Is there a
Monitoring Site out there tracking backscatter, or other such focused
Cedric Blancher wrote:
>Le lun 18/10/2004 à 17:12, james edwards a écrit :
>>>I don't see the reason why it would cause a problem, as firewall is able
>>>to spot ICMP related to server's IP connections as well...
>>New connections to the server must be implecitally allowed, as there
>>is no established state to refer to.
>I guess that if you want to run a server behind a firewall, then you
>have to allow some TCP or UDP connections to it... And you only have to
>deal ICMP stuff for thoses connections, as others are prohibited, and
>the firewall does this.
>I really don't see where the problem is.
>My point is just to show that we do have now solutions to filter ICMP in
>a smart way that won't break PMTU discovery and stuff that rely on ICMP
>PS : I think we could end this offline, we're far away from original
pub 1024D/553A49A5 2004/09/22 vigilaro (der wachter) <vigilarogmx.net>
Key fingerprint = DD07 4DC8 C434 8FD3 C0F3 5A6C 2376 B26C 553A 49A5
sig 553A49A5 vigilaro (der wachter) <vigilarogmx.net>
allgemeiner Schlüssel vorhanden
Full-Disclosure - We believe in it.