Steve Holdoway wrote:
Hey, glad to see you're still around!
:-) I am a professional lurker these days.
I'm just monitoring the ppp0 interface of my ipcop box using iptraf, so I
expect it easily could. Just wondering whether to say bah! to the standards,
and close down all icmp traffic on the external interface.
Dropping unsolicited traffic seems to be in fashion these days (often
under the 'stealth' mode name). I personally do not like it.
It breaks some basic assumptions, for instance a NAT box doing stealth
once rebooted thinks all traffic is 'unsolicited' and if it is in
stealth mode will not send RST packets to incoming traffic which will
keep hammering you for a while. A problem if at the time of reboot you
were connected to a few thousands *coff* peers.
--
Delio
Steve
On Thu, 26 Apr 2007 14:02:47 +1200
Delio <[EMAIL PROTECTED]> wrote:
Steve,
Could it be spoofed?
/me goes back into hiding
Steve Holdoway wrote:
I'm getting loads of icmp traffic from this machine, which I can only assume is
part of telstra's infrastructure. Any idea what it could be? We're on TC this
end as well.
251.50.98.203.in-addr.arpa name = ge-0-2-0-1.xcore1.acld.telstraclear.net
Cheers,
Steve
