Gentoo Archives: gentoo-security

From: Frank Gruellich <frank@××××××××××××.org>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] firewall suggestions?
Date: Thu, 08 Jan 2004 22:05:13
Message-Id: 20040108215141.GQ4413@home.manuelm.org
In Reply to: Re: [gentoo-security] firewall suggestions? by Ben Cressey
* Ben Cressey <ben@×××××.org>  8. Jan 04
> > To hide a host is always very stupid, why should you do this? There is no > > advantage. If you "hide" your computer an attacker knows there is an > > stupid guy who doesn't know anything about network security. > You're rather free with calling people "stupid" with little to no > justification.
Well, let's see.
> If I am just running a web server, nobody has any business connecting to any > port besides 80/tcp and 443/tcp. ICMP traffic is fine, but what legitimate > purpose is there in attempting a connection to another tcp port?
It's kinda social thing. If you tip my shoulder asking for time I would answer, that I have no clock. If I give no answer at all you would call me shy, taciturn, unsocial or, simply, stupid.
> It's not about hiding the server or some fictitious security gain -- > although as someone pointed out replying to potentially spoofed source > addresses could be leveraged into some form of DoS attack.
Would you please be so kind to explain that. I am still interested in this and still can't see how to use this in a DoS attack. In fact, there are many more efficient ways to DoS a host.
> As far as RFCs go, the only relevant excerpt I could find was quoted on > [snip]
You want to read RFC1812. Regards, Frank. -- Sigmentation fault -- gentoo-security@g.o mailing list

Replies

Subject Author
Re: [gentoo-security] firewall suggestions? Julian Phillips <julian@××××××××××××××.uk>