Nice! I was going to suggest "tc" but this is really cool. I wasn't aware tht IPtables had a rate-limiting module. I'm going to play with this a lot this weekend.
Jon On Thu, 2005-06-09 at 12:37, Jason Tower wrote: > http://www.penguinsecurity.net/pensec/modules.php?name=News&file=article&sid=171 > > several icmp examples are in the text > > jason > > > Anyone know if there is a Linux equivalent of Cisco CAR to control ICMP > > abuses? > > I used to prohibit ICMP at my network edge until I discovered the > > virtues of CAR, allowing enough traffic for helpful testing but shutting > > down sources who send too much too often. > > > > Here is an example of how to use CAR on a Cisco router to control ICMP: > > interface xy > > rate-limit output access-group 2020 3000000 512000 786000 conform-action > > transmit exceed-action drop > > access-list 2020 permit icmp any any echo-reply > > > > If someone could point out how to achieve this kind of thing in IP > > tables or using some other fancy package I'd be most grateful. > > > > Tanner Lovelace wrote: > > > >>On 6/7/05, Ben Pitzer <[EMAIL PROTECTED]> wrote: > >> > >> > >>>Yeah, how about finding out if the SC has (wisely) turned off ICMP > >>>echo on the server? > >>> > >>>-Ben > >>> > >>> > >> > >>I've gone back and forth on this having done it one way or the > >>other for several years now and I'm not actually convinced > >>it buys you that much more security. Yes, I know you can > >>tunnel a shell through ICMP, but by turning it off you lose > >>what can be a valuable debugging too. So, I guess it > >>just boils down to what you're willing to trade off. > >> > >>Cheers, > >>Tanner > >> > >> > > -- > > TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug > > TriLUG Organizational FAQ : http://trilug.org/faq/ > > TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ > > TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc > -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
