Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: Daniel Privratsky <dsokrates@...>
Subject: Re: firewall suggestions?
Date: Thu, 08 Jan 2004 18:57:28 +0100
Wrong.

1) If you don't receive "destination unreachable" packet, you know
nothing about the target host yet. This is not perfect-network world.
There can be other fw/router anywhere in the way, killing this type of
icmp traffic.

2) It slows scans a lot. You can of course do scannig in parallel, but
don't be surprised, when you find yourself killed with no mercy by IDS,
after matching SYN threshold. 1000+ syns/sec form IP adress to monitored
system is sure ban.

Daniel Privratsky



Oliver Schad wrote:

> Am Mittwoch, 7. Januar 2004 23:05 schrieb mir Mark Hurst:
> 
>>It's much better to have a firewall than just have ports not open. Even
>>though a port is not open it can reveal the presence of your machine by
>>the manner in which the IP stack responds to a connection attempt.
>>Using a firewall you can drop those packets, making all your closed
>>ports invisible.
> 
> 
> If you want to invisible, the next router to you have to send an ICMP 
> packet with "host unreachable". If you say nothing anybody with some 
> brain between his ears knows there is a very intelligent guy that want to 
> be invisible.
> 
> mfg
> Oli
> 
> --
> gentoo-security@g.o mailing list
> 
> 




--
gentoo-security@g.o mailing list

Replies:
Re: firewall suggestions?
-- Oliver Schad
Re: firewall suggestions?
-- Alexander Schreiber
References:
firewall suggestions?
-- Pooh Sun Tzu
Re: firewall suggestions?
-- Mark Hurst
Re: firewall suggestions?
-- Oliver Schad
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: firewall suggestions?
Next by thread:
Re: firewall suggestions?
Previous by date:
Re: firewall suggestions?
Next by date:
Re: firewall suggestions?


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.