Gentoo Archives: gentoo-security

From: Edward Faulkner <edward@×××.EDU>
To: "Thomas T. Veldhouse" <veldy@×××××.net>
Cc: Oliver Schad <o.schad@×××.de>, gentoo-security@l.g.o
Subject: Re: [gentoo-security] firewall suggestions?
Date: Thu, 08 Jan 2004 16:28:42
In Reply to: Re: [gentoo-security] firewall suggestions? by "Thomas T. Veldhouse"
As has already been pointed out, using DROP would not slow down a good
scanner significantly.  You could parallelize so that you can scan as
many machines as you want, all within one timeout period.

And it only takes one good coder to arm all the script kiddies with a
good scanner.

-Ed Faulkner

On Thu, Jan 08, 2004 at 09:57:27AM -0600, Thomas T. Veldhouse wrote:
> Oliver Schad wrote: > > True, but if you do happen to have an exploitable service (i.e. the brk > issue with the linux kernel and rsync recently), a script kiddie might grow > tired of waiting for scan results from your network and go elsewhere. > Certainly slowing down potential hackers buys time and frustration for the > attacker if nothing else. The assumption that all potential attackers are > experts is not a good one. > > Tom Veldhouse > > > -- > gentoo-security@g.o mailing list >


File name MIME type
signature.asc application/pgp-signature


Subject Author
Re: [gentoo-security] firewall suggestions? "Thomas T. Veldhouse" <veldy@×××××.net>
Re: [gentoo-security] firewall suggestions? Chris K Ellsworth <cke@××××××××××××××××××.net>