Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Linux
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: CAN-2004-1137

from [hilton de meillon] Network Security [Permanent Link]
Subject: RE: CAN-2004-1137
Date: Thu, 6 Jan 2005 00:04:17 +1000 
Thanks a lot Charles and to all who replied. I will try these solutions and
see how I fare. 

I really need to touch up my TCP/IP or IGMP/IP skills. 

One question -your iptables statement had two entries - one for inbound igmp
and 
one for outbound igmp, the first rule makes sense but the second one throws
me a bit 
as it is in the INPUT chain and not the OUTPUT chain - is this just a lack
in my understanding of iptables ?.

Hilton.

-----Original Message-----
From: Foundation Linux [mailto:webmaster@foundationlinux.com] 
Sent: Wednesday, 5 January 2005 6:02 AM
To: hilton de meillon
Cc: focus-linux@securityfocus.com
Subject: Re: CAN-2004-1137

I'm not sure if my other message got thru, so here goes again.

IGMP is an IP datagram like ICMP.  It uses the multicast range, Class D, IP
addresses: 224.0.0.0/4

You can drop those packets in iptables without issue.

Charles Hill


hilton de meillon wrote:


I have been doing a bit of research - there are numerous instances of 
iptables scripts containing rules to block IGMP using iptables - am I 
correct in saying that IGMP is on the network layer IP protocol 2 hence 
all the iptables rulesets claiming to block igmp are misinformed ?.

Is there a igmptables or any other way of selectively blocking IGMP 
using linux ?.

Hilton.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: CAN-2004-1137, Foundation Linux
Next by Date:  firewall 1.4, TJ Easter
Previous by Thread:  Re: CAN-2004-1137, Foundation Linux
Next by Thread:  Re: CAN-2004-1137, Foundation Linux
Indexes:  [Date] [Thread] [Top] [All Lists]