[2307] in linux-security and linux-alert archive
[linux-security] Re: portmap messages under /var/log/messages
daemon@ATHENA.MIT.EDU (Martin Macok)
Sun Feb 13 05:02:49 2000
Date: Sun, 13 Feb 2000 01:01:48 +0100
From: Martin Macok <martin.macok@underground.cz>
To: linux-security@redhat.com
Message-ID: <20000213010148.A1123@p75.kolej.mff.cuni.cz>
X-Reply-To: macok@kocour.ms.mff.cuni.cz
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-2
Content-Transfer-Encoding: 8bit
In-Reply-To: <008701bf74f0$108fdd20$0100a8c0@triad.rr.com>; from starr@homemail.com on Fri, Feb 11, 2000 at 07:28:18PM -0500
Resent-From: linux-security@redhat.com
On Fri, Feb 11, 2000 at 07:28:18PM -0500, Mike Starr wrote:
> I had a couple of people suggest that this might be an attempt to flood ping
> my server. However, I hope this server is resistant to this type of attack,
> since the server is not "pingable", configured via "echo "1" >
> /proc/sys/net/ipv4/icmp_echo_ignore_all".
Just for your information:
(1)
RFC 792: INTERNET CONTROL MESSAGE PROTOCOL
[snip]
ICMP is actually an integral part of IP, and
must be implemented by every IP module.
[snip]
The data received in the echo message must be returned in the echo
reply message.
[snip]
(2)
RFC 2463:
Internet Control Message Protocol (ICMPv6)
for the Internet Protocol Version 6 (IPv6)
[snip]
ICMPv6 is an integral part of
IPv6 and MUST be fully implemented by every IPv6 node.
[snip]
Every node MUST implement an ICMPv6 Echo responder function that
receives Echo Requests and sends corresponding Echo Replies. A node
SHOULD also implement an application-layer interface for sending Echo
Requests and receiving Echo Replies, for diagnostic purposes.
[snip]
(3)
RFC 2119: Key words for use in RFCs to Indicate Requirement Levels
[snip]
1. MUST This word, or the terms "REQUIRED" or "SHALL", mean that the
definition is an absolute requirement of the specification.
[snip]
Have a nice ~STANDARD~ day
--
< Martin Mačok martin.macok@underground.cz <iso-8859-2>
\\ http://kocour.ms.mff.cuni.cz/~macok/ http://underground.cz/ //
\\\ -= t.r.u.s.t n.0 o.n.e =- ///
--
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe:
mail -s unsubscribe linux-security-request@redhat.com < /dev/null
