lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:	Thu, 15 Mar 2007 09:44:43 -0700
From:	Rick Jones <>
To:	Luis Carlos Cobo Rus <>
Cc:	Netdev List <>
Subject: Re: ping DOS avoidance?

I was just asked about something not too different, involving IIRC 
tnsping.  It got me to looking at ip_sysctl.txt which has:

icmp_ratelimit - INTEGER
         Limit the maximal rates for sending ICMP packets whose type
         matches icmp_ratemask (see below) to specific targets.
         0 to disable any limiting, otherwise the maximal rate in
         Default: 100

icmp_ratemask - INTEGER
         Mask made of ICMP types for which rates are being limited.
         Significant bits: IHGFEDCBA9876543210
         Default mask:     0000001100000011000 (6168)

         Bit definitions (see include/linux/icmp.h):
                 0 Echo Reply
                 3 Destination Unreachable *
                 4 Source Quench *
                 5 Redirect
                 8 Echo Request
                 B Time Exceeded *
                 C Parameter Problem *
                 D Timestamp Request
                 E Timestamp Reply
                 F Info Request
                 G Info Reply
                 H Address Mask Request
                 I Address Mask Reply

         * These are rate limited by default (see default mask above)

(I've always been used to masks being specified as hex values)

rick jones
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to
More majordomo info at

Powered by blists - more mailing lists