Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: <gentoo-security@g.o>
From: "Bob Crain" <robert.crain@...>
Subject: RE: firewall suggestions?
Date: Fri, 9 Jan 2004 04:14:55 -0500
I agree, it would be an obvious spoof to the gateway, but I think when
packets are being routed, devices are only concerning themselves with
how to get the packet to the destination.  I'm more concerned with
fooling the would-be attacker.  I could even go so far as trying to
determine what brand/model my gateway is, so that way my 'spoofed'
replies could match it's fingerprinting characteristics (TTL, DF, MSS,
MTU, etc.)  Of course, this is all useless if I am providing any
services to the Internet.  But if I'm not, would it reduce the number of
attacks if they can't see me?

-----Original Message-----
From: Frank Gruellich [mailto:frank@...] 
Sent: Friday, January 09, 2004 3:05 AM
To: gentoo-security@g.o
Subject: Re: [gentoo-security] firewall suggestions?

* Bob Crain <robert.crain@...>  8. Jan 04
> I've got DSL, and I know the IP of my gateway.  When I want to appear
> invisible, I respond to unwanted packets with a 'REJECT - ICMP host
> unreachable' that has a spoofed source address of my gateway?  That
way,
> it looks like the gateway responded and I don't exist!   
> 
> Whadduya think?

Nice idea, but the packet has to traverse the gateway, too... a gateway
that forwards a paket with itself as origin?  This would be a very
obvious spoof.

 Regards, Frank.
-- 
Sigmentation fault

--
gentoo-security@g.o mailing list




--
gentoo-security@g.o mailing list

References:
Re: firewall suggestions?
-- Frank Gruellich
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: firewall suggestions?
Next by thread:
Re: firewall suggestions?
Previous by date:
Re: firewall suggestions?
Next by date:
Re: firewall suggestions?


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.