Mailinglist Archive: opensuse-security (471 mails)
| < Previous | Next > |
Re: [suse-security] Suse Firewall 2.6
- From: MaD dUCK <madduck@xxxxxxxxxxx>
- Date: Fri, 13 Oct 2000 03:33:52 -0400
- Message-id: <20001013033352.A12553@xxxxxxxxxxx>
mh.
icmp messages are vital to most traffic on the network and they cannot really
be used for hacking. of course, icmp floods (i.e. ping of death etc.) are
based on them, but your system should be immune. anyway,
destination-unreachable for instance is what you get back when you point
netscape to http://i.dont.exist.com. it's a very low-level protocol, called
the internet (protocol) control message protocol, so it is used at a level
far below tcp/udp to handle control messages.
i don't know where you firewall is setup. i assume you are using ipchains to
configure it.
so check /etc/rc.d/init.d/ipchains, /etc/ipchains*, and /etc/sysconfig/ipchains
for lines similar to the ones below. let me know when you find a file that
lists rules with or without the 'ipchains' in the beginning of the line.
martin
ps: even better signature :)
madduck@xxxxxxxxxxx
(greetings from the heart of the sun)
icmp messages are vital to most traffic on the network and they cannot really
be used for hacking. of course, icmp floods (i.e. ping of death etc.) are
based on them, but your system should be immune. anyway,
destination-unreachable for instance is what you get back when you point
netscape to http://i.dont.exist.com. it's a very low-level protocol, called
the internet (protocol) control message protocol, so it is used at a level
far below tcp/udp to handle control messages.
i don't know where you firewall is setup. i assume you are using ipchains to
configure it.
so check /etc/rc.d/init.d/ipchains, /etc/ipchains*, and /etc/sysconfig/ipchains
for lines similar to the ones below. let me know when you find a file that
lists rules with or without the 'ipchains' in the beginning of the line.
martin
ps: even better signature :)
madduck@xxxxxxxxxxx
(greetings from the heart of the sun)
| < Previous | Next > |