On Tue, 17 Mar 1998, Usama Wazeer wrote:
>
> Is it possible to either totally stop my machine from responding to
> ICMPs or use something similar to tcpd to restrict it to certain
> hosts. The inetd man page just says that some services including echo
> are handled internally but doesn't say anything about turning it off.
ICMP is *not* handled by inetd, so I am not surprised that you can't
find any mention of this. ICMP is a protocol like tcp or udp - and so
you can't stop it with tcp_wrappers either.
Without going into great depth on the protocol (my Douglas E Comer
TCP/IP books are somewhere between the US and Australia at present and
I don't carry this level of detail in my head), you can indeed stop
the various ICMP protocol packets.
I suggest you take a look at the ipfwadm and ipfw man pages (and you
will also find that the O'Reilly and Associates book "Building
Internet Firewalls" is of considerable use in terms of discussing
which ICMP packets you should block and which you might want to
allow...
Robert Hart [EMAIL PROTECTED]
Red Hat Software Inc. Phone: +1-919-547-0012 Fax: +1-919-547-0024
4201 Research Commons Suite 100, 79 TW Alexander Dr., Research Triangle Park,
NC 27709, USA
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists
To unsubscribe: mail [EMAIL PROTECTED] with
"unsubscribe" as the Subject.
