Re: ICMP Redirect on Resolvers

2013-04-07 Thread Owen DeLong
On Apr 6, 2013, at 16:03 , valdis.kletni...@vt.edu wrote: On Sat, 06 Apr 2013 10:38:06 -0400, shawn wilson said: What would break if u dropped all ICMP packets with redirects on public facing boxes? Presumably nothing, as long as you guaranteed that your IP address, netmask, and routes

Re: ICMP Redirect on Resolvers

2013-04-07 Thread Valdis . Kletnieks
On Sun, 07 Apr 2013 12:25:30 -0700, Owen DeLong said: Presumably nothing, as long as you guaranteed that your IP address, netmask, and routes actually match the reality of your network configuration. They also cover the case where there are two (or more) routers on the network and you

Re: ICMP Redirect on Resolvers

2013-04-07 Thread Owen DeLong
On Apr 7, 2013, at 18:47 , valdis.kletni...@vt.edu wrote: On Sun, 07 Apr 2013 12:25:30 -0700, Owen DeLong said: Presumably nothing, as long as you guaranteed that your IP address, netmask, and routes actually match the reality of your network configuration. They also cover the case where

RE: ICMP Redirect on Resolvers

2013-04-06 Thread Keith Medcalf
To: nanog@nanog.org Subject: ICMP Redirect on Resolvers Hello everybody, I have two DNS Server (resolver) running on FreeBSD 9.0, I always see in console messages like this: icmp redirect from 192.168.140.36: 192.168.179.80 = 192.168.140.254 and lots of messages like this, mostly ip addresses

Re: ICMP Redirect on Resolvers

2013-04-06 Thread Jimmy Hess
On 4/6/13, Keith Medcalf kmedc...@dessus.com wrote: Although spoofed ICMP redirects might also be abused to intercept/quietly sniff traffic on a switched LAN; The default gateway responding with a redirect in that situation is the normal case where you expect to receive an ICMP redirect. ; in

Re: ICMP Redirect on Resolvers

2013-04-06 Thread shawn wilson
On Apr 6, 2013 3:13 AM, Jimmy Hess mysi...@gmail.com wrote: Failing all that, if the LANs are large, and a large number of ICMP redirects would occur, it may be preferable to turn ICMP redirects off for those LANs on their routers What would break if u dropped all ICMP packets with

Re: ICMP Redirect on Resolvers

2013-04-06 Thread Valdis . Kletnieks
On Sat, 06 Apr 2013 10:38:06 -0400, shawn wilson said: What would break if u dropped all ICMP packets with redirects on public facing boxes? Presumably nothing, as long as you guaranteed that your IP address, netmask, and routes actually match the reality of your network configuration. In

Re: ICMP Redirect on Resolvers

2013-04-06 Thread Jimmy Hess
On 4/6/13, valdis.kletni...@vt.edu valdis.kletni...@vt.edu wrote: On Sat, 06 Apr 2013 10:38:06 -0400, shawn wilson said: case, you shouldn't see any valid ICMP redirects. They're there mostly so things kind-of-sort-of work even if you botch it (so for instance, even if you whiff your default

ICMP Redirect on Resolvers

2013-04-05 Thread Shahab Vahabzadeh
Hello everybody, I have two DNS Server (resolver) running on FreeBSD 9.0, I always see in console messages like this: icmp redirect from 192.168.140.36: 192.168.179.80 = 192.168.140.254 and lots of messages like this, mostly ip addresses not belong to me, and sometimes these resolvers stop

Re: ICMP Redirect on Resolvers

2013-04-05 Thread Tony Finch
On 6 Apr 2013, at 06:36, Shahab Vahabzadeh sh.vahabza...@gmail.com wrote: I have two DNS Server (resolver) running on FreeBSD 9.0, I always see in console messages like this: icmp redirect from 192.168.140.36: 192.168.179.80 = 192.168.140.254 You probably configured the wrong default router