Firewall Wizards mailing list archives
Re: ICMP destination unreachable messages
From: "Steven M. Bellovin" <smb () research att com>
Date: Wed, 16 Apr 2003 17:14:55 -0400
In message <c643615a7427fb3b0dfc9eef1ff89c5f3e9c52d1 () watchguard com>, "Max Enders" writes:
Hello, I'm curious to know how firewalls handle duplicate ICMP destination unreachable messages. How should replayed packets be denied? It seems like the two best options are rate limiting and inspecting the IPID. Any information is appreciated.
How duplicate are they? Remember that you have to let in the "fragmentation needed" messages, or you'll end up with black holes.
--Steve Bellovin, http://www.research.att.com/~smb (me)
http://www.wilyhacker.com (2nd edition of "Firewalls" book)
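An added example, not part of the original messages: a sketch of a duplicate filter that combines the two options named in the question (a per-key rate limit, keyed on the IPID of the embedded packet) while still letting the first copy of every "fragmentation needed" message through, as the reply requires. The names `parse_unreachable`, `UnreachableFilter` and `build_sample` are hypothetical; the code assumes IPv4, takes the packet from the ICMP header onward, and does not verify the ICMP checksum.

```python
import struct

DEST_UNREACH, FRAG_NEEDED = 3, 4  # ICMP type 3; code 4 = "fragmentation needed" (RFC 792, RFC 1191)

def parse_unreachable(icmp: bytes):
    """Parse ICMP type 3, starting at the ICMP header. Returns None if not type 3,
    too short to hold the embedded IPv4 header, or the embedded header is not IPv4."""
    if len(icmp) < 8 + 20 or icmp[0] != DEST_UNREACH:
        return None
    code = icmp[1]
    mtu = struct.unpack("!H", icmp[6:8])[0]   # next-hop MTU, meaningful only for code 4
    inner = icmp[8:]                          # header of the packet that triggered the error
    if inner[0] >> 4 != 4:
        return None
    return {"code": code, "mtu": mtu if code == FRAG_NEEDED else None,
            "ipid": struct.unpack("!H", inner[4:6])[0], "proto": inner[9],
            "src": inner[12:16], "dst": inner[16:20]}

class UnreachableFilter:
    """Passes the first copy of each error; drops replays of it within `window` seconds."""
    def __init__(self, window=2.0):
        self.window, self.seen = window, {}

    def decide(self, reporter: str, icmp: bytes, now: float) -> str:
        msg = parse_unreachable(icmp)
        if msg is None:
            return "drop-malformed"
        # Expire old entries so the table stays bounded by the window.
        self.seen = {k: t for k, t in self.seen.items() if now - t < self.window}
        # A genuinely new error quotes a new packet, hence a new embedded IPID;
        # an identical key inside the window is treated as a replay.
        key = (reporter, msg["code"], msg["src"], msg["dst"], msg["proto"], msg["ipid"])
        if key in self.seen:
            return "drop-duplicate"
        self.seen[key] = now
        return "pass-frag-needed" if msg["code"] == FRAG_NEEDED else "pass"

def build_sample(code, ipid, mtu=0):
    """Constructed sample: ICMP type 3 header, 20-byte inner IPv4 header, 8 payload bytes."""
    inner = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 1500, ipid, 0x4000, 64, 6, 0,
                        bytes([192, 0, 2, 10]), bytes([198, 51, 100, 7]))
    return struct.pack("!BBHHH", DEST_UNREACH, code, 0, 0, mtu) + inner + b"\x00" * 8

if __name__ == "__main__":
    f, pkt = UnreachableFilter(), build_sample(FRAG_NEEDED, 0x1234, mtu=1400)
    for t in (0.0, 0.5, 3.0):
        print(t, f.decide("203.0.113.1", pkt, t))
```

Keying on the embedded IPID means a retransmitted, smaller packet (new IPID) that triggers a fresh "fragmentation needed" is not mistaken for a replay, so path MTU discovery keeps working.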