[ILUG] Hardening Linux
conor_wynne at maxtor.com
Fri May 31 09:58:47 IST 2002
My problem actually, and there was me blaming eircon! My logs were filling
up with ICMP rejects, even from the HAN. The result was that if there was
not net activity for a few minutes, I had to bring down the net and back
again otherwise nothing worked.
I reset the firewall rules last night and it seems much improved now.
However I am NOT a firewall expert - see my earlier question today!
Indeed. And, if the box is already running a webserver on an IP, blocking
ICMP to that IP isn't going to help much. A good rule of thumb is:
If a firewall blocks ICMP, it's broken.
John Looney Chief Scientist
a n t e f a c t o t: +353 1 8586004
www.antefacto.com f: +353 1 8586014
More information about the ILUG