| 1 |
You should note that most attackers will only scan ports for which they |
| 2 |
have exploits for, few will run scanners in the way that system |
| 3 |
administrators do to test their own systems. They usually not all that |
| 4 |
concerned about which systems they compromise, but rather how many |
| 5 |
systems they compromise. |
| 6 |
|
| 7 |
> -----Original Message----- |
| 8 |
> From: Oliver Schad [mailto:o.schad@×××.de] |
| 9 |
> Sent: 08 January 2004 16:32 |
| 10 |
> To: gentoo-security@l.g.o |
| 11 |
> Subject: Re: [gentoo-security] firewall suggestions? |
| 12 |
> |
| 13 |
> |
| 14 |
> Am Donnerstag, 8. Januar 2004 17:06 schrieb mir Ryan Voots: |
| 15 |
> > On Thu, 8 Jan 2004 16:17:49 +0100 |
| 16 |
> > |
| 17 |
> > "Oliver Schad" <o.schad@×××.de> Add to Address Book wrote: |
| 18 |
> > > Probably you think ICMP is dangerous too. There are a lot of brain |
| 19 |
> > > dead admins who blocks ICMP packets and they wonder why |
| 20 |
> connections |
| 21 |
> > > to some websites are broken or if they administrate the |
| 22 |
> packet filter |
| 23 |
> > > before a webserver they wonder why some user grouches |
| 24 |
> they wouldn't |
| 25 |
> > > get a connection to the web server. |
| 26 |
> > |
| 27 |
> > thats one reason i don't block it, some services and things |
| 28 |
> use it to |
| 29 |
> > look for hosts that are up, what i wish i could do is some type of |
| 30 |
> > limit where it would only send replies to them at a certain |
| 31 |
> rate, just |
| 32 |
> > so that a ping -f on 12 machines to my machine wouldn't cause a huge |
| 33 |
> > bandwidth surge from my machine. |
| 34 |
> |
| 35 |
> A limit is a good way to protect from DDOS. |
| 36 |
> |
| 37 |
> mfg |
| 38 |
> Oli |
| 39 |
> |
| 40 |
> -- |
| 41 |
> gentoo-security@g.o mailing list |
| 42 |
> |
| 43 |
> |
| 44 |
|
| 45 |
-- |
| 46 |
gentoo-security@g.o mailing list |
Archives