|
|
Block incoming pings while allowing outgoing pings
I'm no expert on this, but one of the rules that Brickhouse writes to the ipfw config file and which you cannot change and always comes before any custom rules says:
Block incoming pings while allowing outgoing pings
Just tried it out - and yes, the default BrickHouse rule indeed allows for pinging your machine, no matter what rules you might add later.
Block incoming pings while allowing outgoing pings
The only ICMP types that should be allowed from the Internet are 0 3 11 which are echo reply, destination unreachable and time exceeded. I don't see any reason for anyone pinging me since I don't provide any services to the world. Allowing type 8 which is echo request CAN be a security hole, but needn't. I'm a Mac newbie so forgive me about my stupidity. I come from the Linux world and my stateful firewall can also limit access to a certain number/minute or hour or what ever you prefer. This would minimize the problem of getting pod or something. I believe ipfw is a good packet level firewall which can also do such things. |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysNo new commentsLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.05 seconds |
|