Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

fulldisclosure logo Full Disclosure mailing list archives

Re: reduction of brute force log
From: Martijn Lievaart <m () rtij nl>
Date: Sat, 11 Mar 2006 18:40:36 +0100
Gary E. Miller wrote:


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yo Bob!

On Tue, 28 Feb 2006, Bob Radvanovsky wrote:


I am going to test these rules out -- this looks REALLy good!  But...I'v
e got just ONE question: why on Earth would you permit ICMP???


No ICMP means no P-MTU.  No P-MTU mean non-working tunnels.

You want to shoot yourself in the foot, tben go ahead and block ICMP.
All icmp messages related to pmtud are just that, RELATED. So they are allowed by a previous rule. 

M4

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
  • Re: reduction of brute force log Martijn Lievaart (Mar 11)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]