Gentoo Archives: gentoo-security

From: Benjamin Jury <benjamin.jury@××××.com>
To: 'Frank Gruellich' <frank@××××××××××××.org>, gentoo-security@l.g.o
Subject: RE: [gentoo-security] firewall suggestions?
Date: Thu, 08 Jan 2004 15:14:56
Message-Id: 24DC688F52AAD611B60900096BB0B440015D8B2A@chapar.mpuk.com

> * Thomas T. Veldhouse <veldy@×××××.net> 8. Jan 04
> > Oliver Schad wrote:
> > > [DROP or REJECT]
> > One reason ... it slows down various scans.
>
> No, it doesn't. It would, if $scanner sends one SYN and waits for the
> answer to it. In fact it sends you SYNs to all your ports at once and
> collects answers (or not) in parallel. You extend the scan time for one
> timeout (which is nothing (~3min?) against the time to send all
> requests).

If you reject the packet does it not allow you to be used for DOSing a host
via a spoofed IP?

--
gentoo-security@g.o mailing list

Replies

Subject Author
Re: [gentoo-security] firewall suggestions? Frank Gruellich <frank@××××××××××××.org>