Gentoo Archives: gentoo-security

From: Oliver Schad <o.schad@×××.de>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] iptables window of opportunity at startup
Date: Wed, 08 Feb 2006 11:35:07
Message-Id: 43E9D61B.6070102@web.de
In Reply to: Re: [gentoo-security] iptables window of opportunity at startup by Tobias Klausmann
Tobias Klausmann wrote:
> On Tue, 07 Feb 2006, Francois Toussenel wrote:
>> (I would add that one might want to never respond to pings, for
>> instance, so starting iptables between net.eth0 and services seems not
>> enough.)
>
> Why (outside of a specific attack in that area) would one *not*
> respond to pings? Outside from a specific attack in that area
> happening, I see no reason to do so.

Everyone knows that only stealthed hosts are secure. To achieve this,
you have to block not only icmp but also arp. ;-)

Regards
Oli
--
gentoo-security@g.o mailing list
