Firewalls: Re: KarlBridge/Router vs Satan and an overview of the new version 3.0

Firewalls
(April 1995)

Indexed By Thread: [Previous] [Next]

Subject:	Re: KarlBridge/Router vs Satan and an overview of the new version 3.0
From:	Darren Reed <avalon @ coombs . anu . edu . au>
Date:	Fri, 14 Apr 1995 19:50:42 +1000 (EST)
To:	dkarl @ net . ohio-state . edu (Doug Karl)
Cc:	firewalls @ greatcircle . com, sales @ karlnet . com
In-reply-to:	<199504061610 . MAA05125 @ locust . net . ohio-state . edu> from "Doug Karl" at Apr 6, 95 11:13:29 am

> 
> To all from Doug Karl.....
[...]
> 2) New ICMP filters.  Some examples are the ability to "ping" out of the
> internal network but not in.  One can argue that if you stop incoming
> "pings" at the boarder then some scanners can be slowed down.  Also
> incoming ICMP Redirects can be blocked from entering the network.  This
> will protect against ICMP bombs.

Blocking redirects doesn't stop ICMP `bombs'.  This term is used to describe
the behaviour of ICMP unreachables.  But I assume it is general enough to
allow this too.

darren

References:

KarlBridge/Router vs Satan and an overview of the new version 3.0
From: dkarl @ net . ohio-state . edu (Doug Karl)

Indexed By Date	Previous:	Any logs of SATAN attacks against firewalls? (fwd) From: tom @ pserv1 . dot . state . az . us (Tom Brink)
Indexed By Date	Next:	Re: SNMP or other mgmt/monitor of bastion &c. From: "Bryan D. Boyle" <bdboyle @ maverick . erenj . com>
Indexed By Thread	Previous:	KarlBridge/Router vs Satan and an overview of the new version 3.0 From: dkarl @ net . ohio-state . edu (Doug Karl)
Indexed By Thread	Next:	IP Tunneling / Allocation From: graemes @ morse . co . uk (Graeme Sandieson)