| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4E4E558E.5050905@odu.neva.ru> Date: Fri, 19 Aug 2011 16:22:38 +0400 From: Dmitry Butskoy <buc@...sz.so-cdu.ru> To: unlisted-recipients:; (no To-header on input) CC: netdev@...r.kernel.org Subject: Re: Traceroute and "ping" sockets: some questions David Miller wrote: >> - Are there any plans to implement some "rate control" (maybe >> - sysctl-configurable too), to restrict unprivileged users to send icmp >> - echoes too fast (ie. faster than 200 ms -- the current ping(8) >> - restriction)? >> > Why limit? He can spam with UDP socket just as easily at any rate > he pleases, > Yes, but most cases such UDP is "one-way" spam (until services like "echo 7/udp" are enabled). For icmp ping, we normally receive icmp replies, hence it is bidirectional crap. Which was not present before. Besides that ping(8) is normally present in the system even if C development is not installed (ie. user cannot build its spam software at the host etc...) Regards, Dmitry http://www.fedoraproject.org/wiki/DmitryButskoy -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists