- Original Message -
From: Andy Farkas [EMAIL PROTECTED]
To: Markie [EMAIL PROTECTED]
Cc: Mark [EMAIL PROTECTED]; Ruben de Groot [EMAIL PROTECTED];
[EMAIL PROTECTED]
Sent: Wednesday, August 13, 2003 3:20 PM
Subject: Re: Restricting ICMP
Is it? I thought it was setuid root for a reason
Is it? I thought it was setuid root for a reason :o)
...
I just woke up, so it may well be I am just being stupid :o)
Well, I didn't know ping needed suid. I stand corrected and apologise for
any misleadings.
/me is the stupid one... time to go to bed :)
--
:{ [EMAIL PROTECTED]
On Tue, Aug 12, 2003 at 12:28:40AM +, Mark wrote:
[..]
Sorry for the addendum; but I was not entirely clear. I want to restrict
*outgoing* ICMP (traceroute and such) to anyone, but root.
# chmod u-s /usr/sbin/traceroute /sbin/ping
--
Jonathan Chen [EMAIL PROTECTED]
: Re: Restricting ICMP
- Original Message -
From: Andy Farkas [EMAIL PROTECTED]
To: Markie [EMAIL PROTECTED]
Cc: Mark [EMAIL PROTECTED]; Ruben de Groot [EMAIL PROTECTED];
[EMAIL PROTECTED]
Sent: Wednesday, August 13, 2003 3:20 PM
Subject: Re: Restricting ICMP
Is it? I thought
On Wed, Aug 13, 2003 at 09:56:04AM +, Mark typed:
- Original Message -
From: Andy Farkas [EMAIL PROTECTED]
SNIP
I am just not very fond of the idea of local users starting ICMP wars over
the net, using my server :) I have already had an instance where a web-user
did an
- Original Message -
From: Andy Farkas [EMAIL PROTECTED]
To: Mark [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Wednesday, August 13, 2003 4:41 AM
Subject: Re: Restricting ICMP
Is there a way I can use ipfw to disallow ICMP from anyone,
but root? (FreeBSD 4.7R) I tried
- Original Message -
From: Mark [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, August 12, 2003 2:23 AM
Subject: Restricting ICMP
Hello,
Is there a way I can use ipfw to disallow ICMP from anyone, but
root? (FreeBSD 4.7R) I tried this:
${fwcmd} -q add 4 allow icmp from any
- Original Message -
From: Andy Farkas [EMAIL PROTECTED]
To: Mark [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Wednesday, August 13, 2003 1:01 PM
Subject: Re: Restricting ICMP
Mark wrote:
I am just not very fond of the idea of local users starting ICMP wars
over
the net, using my
On Wed, Aug 13, 2003 at 10:01:03PM +1000, Andy Farkas typed:
Mark wrote:
I am just not very fond of the idea of local users starting ICMP wars over
the net, using my server :) I have already had an instance where a web-user
did an excessive ping attack on one of his buddies. And,
Mark wrote:
I am just not very fond of the idea of local users starting ICMP wars over
the net, using my server :) I have already had an instance where a web-user
did an excessive ping attack on one of his buddies. And, naturally, I want
to prevent that. The chmod u-s idea mentioned here, was
Is there a way I can use ipfw to disallow ICMP from anyone, but root?
(FreeBSD 4.7R) I tried this:
${fwcmd} -q add 4 allow icmp from any to any icmptype 0,3,8,11 in via
${outside}
${fwcmd} -q add 4 allow icmp from any to any uid root
${fwcmd} -q add 4 deny log icmp from any to any
man
Hello,
Is there a way I can use ipfw to disallow ICMP from anyone, but root?
(FreeBSD 4.7R) I tried this:
${fwcmd} -q add 4 allow icmp from any to any icmptype 0,3,8,11 in via
${outside}
${fwcmd} -q add 4 allow icmp from any to any uid root
${fwcmd} -q add 4 deny log icmp from any to any
But
12 matches
Mail list logo