Gentoo Archives: gentoo-security

From: Giles Coochey <giles.coochey@××××××××××××××××.com>
To: gentoo-security@l.g.o
Subject: RE: [gentoo-security] firewall suggestions?
Date: Thu, 08 Jan 2004 17:14:01
Message-Id: 4926A5BE4AFE7C4A83D5CF5CDA7B77543B8BB1@oxcore01.mirada-solutions.com
You should note that most attackers will only scan ports for which they
have exploits for, few will run scanners in the way that system
administrators do to test their own systems. They usually not all that
concerned about which systems they compromise, but rather how many
systems they compromise.

> -----Original Message----- > From: Oliver Schad [mailto:o.schad@×××.de] > Sent: 08 January 2004 16:32 > To: gentoo-security@l.g.o > Subject: Re: [gentoo-security] firewall suggestions? > > > Am Donnerstag, 8. Januar 2004 17:06 schrieb mir Ryan Voots: > > On Thu, 8 Jan 2004 16:17:49 +0100 > > > > "Oliver Schad" <o.schad@×××.de> Add to Address Book wrote: > > > Probably you think ICMP is dangerous too. There are a lot of brain > > > dead admins who blocks ICMP packets and they wonder why > connections > > > to some websites are broken or if they administrate the > packet filter > > > before a webserver they wonder why some user grouches > they wouldn't > > > get a connection to the web server. > > > > thats one reason i don't block it, some services and things > use it to > > look for hosts that are up, what i wish i could do is some type of > > limit where it would only send replies to them at a certain > rate, just > > so that a ping -f on 12 machines to my machine wouldn't cause a huge > > bandwidth surge from my machine. > > A limit is a good way to protect from DDOS. > > mfg > Oli > > -- > gentoo-security@g.o mailing list > >
-- gentoo-security@g.o mailing list