Gentoo Linux -- List Archive: gentoo-security

Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647

List Archive: gentoo-security

Navigation:

Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >

Headers:

To:	'Frank Gruellich' <frank@...>, gentoo-security@g.o
From:	Benjamin Jury <benjamin.jury@...>
Subject:	RE: firewall suggestions?
Date:	Thu, 8 Jan 2004 14:54:33 -0000

> * Thomas T. Veldhouse <veldy@...>  8. Jan 04
> > Oliver Schad wrote:
> > > [DROP or REJECT]
> > One reason ... it slows down various scans.
> 
> No, it doesn't.  It would, if $scanner sends one SYN and wait for the
> answer to it.  In fact it sends you SYNs to all your ports at once and
> collects answers (or not) in parallel.  You extend the scan 
> time for one
> timeout (which is nothing (~3min?) against the time to send all
> requests).

If you reject the packet does it not allow you to be used for DOSing a host
via a spoofed IP?

--
gentoo-security@g.o mailing list

Replies:

Re: firewall suggestions?
-- Frank Gruellich

Navigation:

Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >

Previous by thread:

Re: firewall suggestions?

Next by thread:

Re: firewall suggestions?

Previous by date:

Re: firewall suggestions?

Next by date:

Re: firewall suggestions?

Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.