----- Original Message ----- From: "Rick Moen" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, April 04, 2003 6:02 PM Subject: Re: [plug] ICMP
> Quoting Aris Santillan ([EMAIL PROTECTED]): > > > what is > > > > Apr 4 23:23:31 localhost kernel: 190.200.1.11 sent an invalid ICMP > > error to a broadcast > > Tired about seeing grumbling about invalid ICMP packets? Put > "net/ipv4/icmp_ignore_bogus_error_responses=1" into /etc/sysctl.conf . this will only prevent the kernel logging of warning errors to your log file but still the attacker is flooding your network segment... there are lots of good routers by default filtering this out.. for example for cisco router, ip directed-broadcast is off by default to prevent this kind of flood attack... check your router's manual how to drop this kind of illegal broadcast packets... fooler. _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] Fully Searchable Archives With Friendly Web Interface at http://marc.free.net.ph To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
