Answer the question
In order to leave comments, you need to log in
How to block ICMP traffic to my VPN server?
Good day Lord.
reading habra, https://habrahabr.ru/post/263557/
There was a question about bringing the vpn server to mind ...
I don’t have any special knowledge. that's why I'm dealing with questions like this. The
context is
Tunnel definition (two-way ping)
By running a ping to the client IP, from our server side, you can find out the approximate length of the route. The same can be done from the browser side, XMLHTTPRequest pulls an empty page of our nginx. The resulting loop difference of more than 30 ms can be interpreted as a tunnel.
Of course, the routes back and forth may differ, or the web server is a little slow, but in general, the accuracy is quite good.
The only way to protect yourself is to deny ICMP traffic to your VPN server.
Here to mean, it is necessary to restrict access to the ICMP protocol on my machine.?
If I understand everything correctly, how can I do it? on a poppy.
On shindous I found solutions, but as on a poppy ... =((
Answer the question
In order to leave comments, you need to log in
Here is the answer on how to do it on OSX
superuser.com/questions/505128/deny-access-to-a-port-from-localhost-on-osx It's
not really different from other nix systems.
PS: in addition, in my opinion, you are approaching the issue from the wrong side. You need to disable icmp on the server side.
Hello! Tell me, I'm interested in an application for connecting to a VPN or connecting to it, but only via the protocol for Android, but only so that in the event of a connection break, it is automatically resumed only via a secure channel.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question