Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: Frank Gruellich <frank@...>
Subject: Re: firewall suggestions?
Date: Thu, 8 Jan 2004 23:48:16 +0100
* Scott Taylor <scott@...>  8. Jan 04
> Replying in a specific manner which may have been at one point the
> proper and polite way for an IP stack to behave, often turns into a
> method for abuse.

Then make a new RFC.  It will be discussed.  (Avoid the time around 1.
April).

> Spoof a bunch of syn packets to a host you know replies with a rst,
> and it sends all those extra packets to a victim machine who never
> sent the syn packet in the first place. So that machine sends back
> "port unreachables" and further clogs up their network. 

Huh, RST isn't answered... thank you for making your savvy obvious.

> Add to that all the silly microsoft products that either blatantly
> ignore or just never bothered to read the appropriate RFC... For my
> network, I opt to spew out as few replies to unwanted traffic as
> possible. I've already got too many worms out there wasting my bandwidth
> trying to infect me with the sql slammer or whatever the worm of the day
> is.

There are periods you may ignore selected packets.  It's your admins job
to react to such things.

> I'd rather not waste any more of my bandwidth telling them that they
> can't connect here. They probably aren't even checking for an icmp
> unreachable message back from me anyway.

Wow, so crackers, spammers and MS's programers (all the same bunch) are
dictating the rules?  This net is not made for wormes or stupid
implemtations, but for communication.  If you don't want to communicate,
plug off.

Thank you,
 regards, Frank.
-- 
Sigmentation fault

--
gentoo-security@g.o mailing list

References:
Re: firewall suggestions?
-- Ben Cressey
Re: firewall suggestions?
-- Oliver Schad
Re: firewall suggestions?
-- Paul de Vrieze
Re: firewall suggestions?
-- Scott Taylor
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: firewall suggestions?
Next by thread:
Re: firewall suggestions?
Previous by date:
Re: firewall suggestions?
Next by date:
Re: firewall suggestions?


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.