Full Disclosure mailing list archives
Re: reduction of brute force log
From: Martijn Lievaart <m () rtij nl>
Date: Sat, 11 Mar 2006 18:40:36 +0100
Gary E. Miller wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Yo Bob! On Tue, 28 Feb 2006, Bob Radvanovsky wrote:I am going to test these rules out -- this looks REALLy good! But...I'v e got just ONE question: why on Earth would you permit ICMP???No ICMP means no P-MTU. No P-MTU mean non-working tunnels. You want to shoot yourself in the foot, tben go ahead and block ICMP.
All icmp messages related to pmtud are just that, RELATED. So they are allowed by a previous rule.
M4 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: reduction of brute force log Martijn Lievaart (Mar 11)