Gentoo Logo
Gentoo Spaceship

Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
To: gentoo-security@g.o
From: Benjamin Jury <benjamin.jury@...>
Subject: RE: firewall suggestions?
Date: Thu, 8 Jan 2004 16:49:32 -0000

> From: Frank Gruellich [mailto:frank@...]
> * Benjamin Jury <benjamin.jury@...>  8. Jan 04
> > If you reject the packet does it not allow you to be used 
> > for DOSing a host
> > via a spoofed IP?

> I can't see, how to DoS somebody this way.  It binds on attackers side
> as much resources as on victims one.  A DDoS with many more hosts,
> flooding rejecting filters with pakets of _one_ spoofed IP# 
> (the one of the victim) could do some damage,

I apologise, I did mean a DDOS. Though as you said it would not be the 
most efficient way of performing such an attack.

> but discarding pakets is much less expensive than sending answers.

Although that would be a fair reason to simply drop the packets.

Anyway, Ill go back to lurking. :)

gentoo-security@g.o mailing list

Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: firewall suggestions?
Next by thread:
RE: firewall suggestions?
Previous by date:
Re: OT: firewall suggestions?
Next by date:
RE: firewall suggestions?

Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.