1 |
You should note that most attackers will only scan ports for which they |
2 |
have exploits for, few will run scanners in the way that system |
3 |
administrators do to test their own systems. They usually not all that |
4 |
concerned about which systems they compromise, but rather how many |
5 |
systems they compromise. |
6 |
|
7 |
> -----Original Message----- |
8 |
> From: Oliver Schad [mailto:o.schad@×××.de] |
9 |
> Sent: 08 January 2004 16:32 |
10 |
> To: gentoo-security@l.g.o |
11 |
> Subject: Re: [gentoo-security] firewall suggestions? |
12 |
> |
13 |
> |
14 |
> Am Donnerstag, 8. Januar 2004 17:06 schrieb mir Ryan Voots: |
15 |
> > On Thu, 8 Jan 2004 16:17:49 +0100 |
16 |
> > |
17 |
> > "Oliver Schad" <o.schad@×××.de> Add to Address Book wrote: |
18 |
> > > Probably you think ICMP is dangerous too. There are a lot of brain |
19 |
> > > dead admins who blocks ICMP packets and they wonder why |
20 |
> connections |
21 |
> > > to some websites are broken or if they administrate the |
22 |
> packet filter |
23 |
> > > before a webserver they wonder why some user grouches |
24 |
> they wouldn't |
25 |
> > > get a connection to the web server. |
26 |
> > |
27 |
> > thats one reason i don't block it, some services and things |
28 |
> use it to |
29 |
> > look for hosts that are up, what i wish i could do is some type of |
30 |
> > limit where it would only send replies to them at a certain |
31 |
> rate, just |
32 |
> > so that a ping -f on 12 machines to my machine wouldn't cause a huge |
33 |
> > bandwidth surge from my machine. |
34 |
> |
35 |
> A limit is a good way to protect from DDOS. |
36 |
> |
37 |
> mfg |
38 |
> Oli |
39 |
> |
40 |
> -- |
41 |
> gentoo-security@g.o mailing list |
42 |
> |
43 |
> |
44 |
|
45 |
-- |
46 |
gentoo-security@g.o mailing list |