Great Circle Associates Firewalls
(February 1996)
 


Subject: Re: anybody know of any vulnerabilities with "echo"
From: "Paul D. Robertson" <proberts @ clark . net>
Date: Sat, 10 Feb 1996 11:10:09 -0500 (EST)
To: "Joe Smith (Really!)" <joey @ gxl . woodtech . com>
Cc: firewalls @ GreatCircle . COM
In-reply-to: <Pine . LNX . 3 . 91 . 960210002652 . 12548A-100000 @ gxl . woodtech . com>

On Sat, 10 Feb 1996, Joe Smith (Really!) wrote:

> What is the loss of disabling echo? Or discard for that matter.

Some ping-like apps won't function.  Discard will probably use just about 
as much overhead as the stack dropping a packet that isn't addressed to a 
listening port.  As an aside, has anyone tried the source endpoint as 
loopback's port 7?  I don't have a decent machine that I can kill right now, 
but I'd think that it might be interesting.  It doesn't do the network damage 
that picking two machines on the same subnet does, but could be a strong 
DOS against a single machine.  (I've always taken the built-in services 
out of inetd.conf on *all* my public, and most of my private hosts, 
though echo has been a useful replacement for ping in the past between 
subnets where I pass TCP but not ICMP or UDP).  

Just in case anyone is still paying attention, make sure that you've 
screened the loopback address on your outside screening routers along 
with your local subnets that protect against spoofing.

Paul.
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
proberts @ clark . net      which may have no basis whatsoever in fact."
                                                                     PSB#9280
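
The message above mentions taking the built-in services out of inetd.conf on every host. As an added example (not part of the original message), the Python below audits an inetd.conf for built-in services that are still enabled and comments them out; the function names and the sample file are constructed for illustration, and it assumes the classic field layout in which built-in services name `internal` as the server program.

```python
# Added example: find and disable inetd built-in ("internal") services
# such as echo, discard, chargen and daytime.

# Constructed sample, not taken from a real host.
SAMPLE_INETD_CONF = """\
# constructed sample inetd.conf
echo     stream  tcp  nowait  root  internal
echo     dgram   udp  wait    root  internal
#discard stream  tcp  nowait  root  internal
discard  dgram   udp  wait    root  internal
chargen  dgram   udp  wait    root  internal
#daytime stream  tcp  nowait  root  internal
ftp      stream  tcp  nowait  root  /usr/sbin/tcpd  in.ftpd -l
telnet   stream  tcp  nowait  root  /usr/sbin/tcpd  in.telnetd
"""


def enabled_internal_services(conf_text):
    """Return (line_no, service, protocol) for every active built-in service."""
    findings = []
    for line_no, raw in enumerate(conf_text.splitlines(), start=1):
        line = raw.strip()
        # Blank lines and lines starting with '#' are inactive.
        if not line or line.startswith("#"):
            continue
        # Fields: service socket-type protocol wait/nowait user server-program [args]
        fields = line.split()
        if len(fields) < 6:
            continue  # malformed entry, nothing to classify
        service, protocol, server = fields[0], fields[2], fields[5]
        if server == "internal":
            findings.append((line_no, service, protocol))
    return findings


def disable_internal_services(conf_text):
    """Return the config with every active built-in service commented out."""
    flagged = {line_no for line_no, _, _ in enabled_internal_services(conf_text)}
    lines = conf_text.splitlines()
    return "\n".join(
        "#" + raw if n in flagged else raw for n, raw in enumerate(lines, start=1)
    ) + "\n"


if __name__ == "__main__":
    for line_no, service, protocol in enabled_internal_services(SAMPLE_INETD_CONF):
        print(f"line {line_no}: {service}/{protocol} is enabled (inetd built-in)")
```

inetd only rereads its configuration when signalled (SIGHUP), so an edited file has no effect until then.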


