Kasper <[EMAIL PROTECTED]> wrote in list.freebsd-hackers:
> Is there any way to stop the machine to answer on ping, so that my machine
> doenst answer on any ping? My server has been ping attacked a few times.
I'd recommend that you add
options "ICMP_BANDLIM"
to your kernel. This will limit the amount of ICMP replies that
your machine is sending out, without turning off ICMP completely
(which would be a _very_ bad thing). You can tune the bandwidth
limit with sysctl net.inet.icmp.icmplim.
However, if the _incoming_ ICMP packets are already filling up
your line and causing trouble, there's nothing that you could do
against it on your side, I'm afraid. Then you should try to
track down who's attacking you, and get those bad boys LARTed.
You could also try to ask your ISP for help.
Regards
Oliver
PS: "Pings" are just a particular type of ICMP packets (ICMP
ECHO requests and ICMP ECHO replies, respectively).
--
Oliver Fromme, Leibnizstr. 18/61, 38678 Clausthal, Germany
(Info: finger userinfo:[EMAIL PROTECTED])
"In jedem St�ck Kohle wartet ein Diamant auf seine Geburt"
(Terry Pratchett)
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
