Gentoo Archives: gentoo-security

From: Tad Glines <tad@××××××.com>
To: gentoo-security@l.g.o
Subject: RE: [gentoo-security] [OT?] automatically firewalling off IPs
Date: Fri, 07 Oct 2005 02:42:19
Message-Id: 003301c5cae8$118ace20$0200080a@SPRITE
In Reply to: Re: [gentoo-security] [OT?] automatically firewalling off IPs by Matan Peled
The intent wasn't to be 100% secure. It was to really slow down the script
kiddies that where clogging my server logs.

As for IP spoofing. Spoofing an IP packet source address is really easy,
which is why blocking DDoS attacks can be difficult. However, if you want to
have an actual two-way conversation with a computer you have to find a third
host that supports loose source routing (any older windoze box will do).
Most infrastructure routers on the net drop/block packets with source route
options so spoofing the source IP of a TCP conversation is not generally
practical over the internet.


> -----Original Message----- > From: Matan Peled [mailto:chaosite@×××××.com] > Sent: Thursday, October 06, 2005 1:14 AM > To: gentoo-security@l.g.o > Subject: Re: [gentoo-security] [OT?] automatically firewalling off IPs > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Tad Glines wrote: > > These rules only block out the offending IP. All others remain un- > blocked. > > IP spoofing. It isn't that far fetched, really... > > > - -- > [Name ] :: [Matan I. Peled ] > [Location ] :: [Israel ] > [Public Key] :: [0xD6F42CA5 ] > [Keyserver ] :: [] > encrypted/signed plain text preferred > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.1 (GNU/Linux) > > iD8DBQFDRNy9A7Qvptb0LKURAhauAJ9eAx9RhXOGfWz2h6BX122ULW1JGgCfTEyT > v+4I9OQxcEWAuuqYenD+ejk= > =PQtc > -----END PGP SIGNATURE----- > -- > gentoo-security@g.o mailing list
-- gentoo-security@g.o mailing list


Subject Author
RE: [gentoo-security] [OT?] automatically firewalling off IPs Eric Paynter <eric@×××××××××××.com>