> From: Frank Gruellich [mailto:frank@××××××××××××.org]
> * Benjamin Jury <benjamin.jury@××××.com> 8. Jan 04
> > If you reject the packet does it not allow you to be used
> > for DOSing a host
> > via a spoofed IP?
> I can't see, how to DoS somebody this way. It binds on attackers side
> as much resources as on victims one. A DDoS with many more hosts,
> flooding rejecting filters with pakets of _one_ spoofed IP#
> (the one of the victim) could do some damage,
I apologise, I did mean a DDOS. Though as you said it would not be the
most efficient way of performing such an attack.
> but discarding pakets is much less expensive than sending answers.
Although that would be a fair reason to simply drop the packets.
Anyway, Ill go back to lurking. :)
firstname.lastname@example.org mailing list