Gentoo Archives: gentoo-security

From: Oliver Schad <o.schad@×××.de>
To: Daniel Privratsky <dsokrates@××××××.cz>, gentoo-security@l.g.o
Subject: Re: [gentoo-security] firewall suggestions?
Date: Thu, 08 Jan 2004 20:05:45
In Reply to: Re: [gentoo-security] firewall suggestions? by Daniel Privratsky
On Thursday, 8 January 2004 18:57, Daniel Privratsky wrote to me:
> Wrong.
>
> 1) If you don't receive "destination unreachable" packet, you know
> nothing about the target host yet. This is not perfect-network world.
> There can be other fw/router anywhere in the way, killing this type of
> icmp traffic.
>
> 2) It slows scans a lot. You can of course do scanning in parallel, but
> don't be surprised, when you find yourself killed with no mercy by IDS,
> after matching SYN threshold. 1000+ syns/sec from IP address to
> monitored system is sure ban.

What the fuck... I don't understand this. We want to break internet standards because some script kids could be (under some circumstances) a little bit slower with their attacks, which can only be successful when an administrator is too stupid to configure his systems. Is that the argumentation for breaking internet standards? *argh*

Regards,
Oli
--
gentoo-security@g.o mailing list

