Note: Due to technical difficulties, the Archives are currently not up to date.
GMANE provides an alternative service for most mailing lists. c.f. bug 424647
Am Donnerstag, 8. Januar 2004 18:57 schrieb mir Daniel Privratsky:
> Wrong.
>
> 1) If you don't receive "destination unreachable" packet, you know
> nothing about the target host yet. This is not perfect-network world.
> There can be other fw/router anywhere in the way, killing this type of
> icmp traffic.
>
> 2) It slows scans a lot. You can of course do scannig in parallel, but
> don't be surprised, when you find yourself killed with no mercy by IDS,
> after matching SYN threshold. 1000+ syns/sec form IP adress to
> monitored system is sure ban.
What the fuck...
I don't understand this, we want to break internet standards because some
script kids could be (under some circumstances) a little bit slower with
their attacks, which can only be successful, when an administrator is too
stupid to configure his systems. Is that the argumentation for breaking
internet standards?
*argh*
mfg
Oli
--
gentoo-security@g.o mailing list
|
|
