|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Full-Disclosure] ICMP - Today India, Samoa, and Iran are in the tank - back to orginal thread DDoS, or No DDoS?
vigilaro
gmx.net
Date: Mon Oct 18 2004 - 13:38:15 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Today Iran (Terhan), India (Bangalore) and Samoa are dragging
the Asian index down.
how you determine if its' DoS on these routers, or not? Is there a
Public Darknet
Monitoring Site out there tracking backscatter, or other such focused
traffic?
Andreas-
Cedric Blancher wrote:
>Le lun 18/10/2004 à 17:12, james edwards a écrit :
>
>
>>>I don't see the reason why it would cause a problem, as firewall is able
>>>to spot ICMP related to server's IP connections as well...
>>>
>>>
>>New connections to the server must be implecitally allowed, as there
>>is no established state to refer to.
>>
>>
>
>I guess that if you want to run a server behind a firewall, then you
>have to allow some TCP or UDP connections to it... And you only have to
>deal ICMP stuff for thoses connections, as others are prohibited, and
>the firewall does this.
>
>I really don't see where the problem is.
>
>My point is just to show that we do have now solutions to filter ICMP in
>a smart way that won't break PMTU discovery and stuff that rely on ICMP
>messages reception...
>
>
>PS : I think we could end this offline, we're far away from original
>topic :)
>
>
>
--
pub 1024D/553A49A5 2004/09/22 vigilaro (der wachter) <vigilarogmx.net>
Key fingerprint = DD07 4DC8 C434 8FD3 C0F3 5A6C 2376 B26C 553A 49A5
sig 553A49A5 vigilaro (der wachter) <vigilarogmx.net>
allgemeiner Schlüssel vorhanden
http://math-www.uni-paderborn.de/pgp/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]