Re: [PATCH v2] add stealth mode

From: Matteo Croce
Date: Tue Jul 07 2015 - 11:24:59 EST

Next message: Mike Galbraith: "Re: [patch] Re: [PATCH RESEND] sched: prefer an idle cpu vs an idle sibling for BALANCE_WAKE"
Previous message: Alex Williamson: "Re: [PATCH 1/4] KVM: count number of assigned devices"
In reply to: Clemens Ladisch: "Re: [PATCH v2] add stealth mode"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

2015-07-07 9:01 GMT+02:00 Clemens Ladisch <clemens@xxxxxxxxxx>:
> Valdis.Kletnieks@xxxxxx wrote:
>> On Thu, 02 Jul 2015 10:56:01 +0200, Matteo Croce said:
>>> Add option to disable any reply not related to a listening socket
>>
>> 2) You *do* realize that this isn't anywhere near sufficient in order
>> to actually make your machine "invisible", right? (Hint: What *other*
>> packets can be sent to a machine to provoke a response?)
>
> Even worse: if you want to pretend that the entire machine is "not there",
> you must make the router in front on you reply with an ICMP "destination
> unreachable" message.

You can't do sometimes, like in DSL lines where the router in front of
you is an ISP owned DSLAM

--
Matteo Croce
OpenWrt Developer
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Mike Galbraith: "Re: [patch] Re: [PATCH RESEND] sched: prefer an idle cpu vs an idle sibling for BALANCE_WAKE"
Previous message: Alex Williamson: "Re: [PATCH 1/4] KVM: count number of assigned devices"
In reply to: Clemens Ladisch: "Re: [PATCH v2] add stealth mode"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]