Subject: Re: port-unreachable and system reboot
To: Michael Richardson <firstname.lastname@example.org>
From: None <email@example.com>
Date: 05/27/2001 09:21:24
> When I reboot a system for some reason, I'd rather that anyone trying
>to access it just keep trying. Unfortunately, there is a window between
>ifconfig up, and starting the appropriate daemons when the system
>will return an ICMP port unreachable.
> I wonder if anyone has given any thought that perhaps one should not
>send this ICMP at all until a sysctl has been set? (Which would be done
>once all daemons are started)
> Aside from helping during bootup, this might also be useful to permit
>a system to be someone more stealthy.
how about an (additional) ipf rule during bootstrap?