[lug] Blocking ping -f with ipchains?
Justin
glow at jackmoves.com
Tue Apr 3 12:18:39 MDT 2001
I am wondering exactly how I would block out icmp floods using
ipchains. I know how to do it for specific ip's or hosts but I was
thinking about adding a rule using the --fragment option. Would this be
something worthwhile? Here is what I had in mind:
/sbin/ipchains -f -A input -i eth0 -p icmp -s 0/0 -d 0/0 -j DENY
Except I'm not exactly sure where to put the -f flag in the rule. Is
there a better approach to this? Some security software that might help
prevent floods? Thanks in advance...
Justin
-----
glow at jackmoves.com
www.jackmoves.com
More information about the LUG
mailing list