[TCLUG] Fun with codered.

Fri Aug 3 19:27:41 CDT 2001

Callum Lerwick <seg at haxxed.com> wrote:
> 
> Okay so I managed to capture a copy of codered, and am having all kinds
> of fun picking it apart.
> 
> And have also discovered why I'm seeing all kinds of broadcast pinging
> across my network. Seems the dominant strain of codered has been hacked
> to ping broadcast instead of the whitehouse. Bastards. ;P

Eesh..

Well, for people out there who don't want to be part of that problem

  echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts

or add this line to /etc/sysctl.conf

  net.ipv4.icmp_echo_ignore_broadcasts=1

I believe that this may also reduce the number of portscans you get, since
some tools may do a broadcast ping to a subnet before scanning for
systems.

-- 
 _  _  _  _ _  ___    _ _  _  ___ _ _  __   Do you want fries with 
/ \/ \(_)| ' // ._\  / - \(_)/ ./| ' /(__   that? 
\_||_/|_||_|_\\___/  \_-_/|_|\__\|_|_\ __)                             
[ Mike Hicks | http://umn.edu/~hick0088/ | mailto:hick0088 at tc.umn.edu ]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url : http://shadowknight.real-time.com/pipermail/tclug-list/attachments/20010803/6a854577/attachment.pgp