[Full-disclosure] reduction of brute force log
Martijn Lievaart
m at rtij.nl
Sat Mar 11 17:40:36 GMT 2006
Gary E. Miller wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>Yo Bob!
>
>On Tue, 28 Feb 2006, Bob Radvanovsky wrote:
>
>
>
>>I am going to test these rules out -- this looks REALLy good! But...I'v
>>e got just ONE question: why on Earth would you permit ICMP???
>>
>>
>
>No ICMP means no P-MTU. No P-MTU mean non-working tunnels.
>
>You want to shoot yourself in the foot, tben go ahead and block ICMP.
>
>
All icmp messages related to pmtud are just that, RELATED. So they are
allowed by a previous rule.
M4
Full-Disclosure is hosted and sponsored by Secunia.