Date: Tue, 16 Jul 2002 02:58:13 +0000 From: "zhang jack" <jack_zhangcl@hotmail.com> To: bvi@itouchlabs.com Cc: security@FreeBSD.ORG Subject: Re: syncache testing Message-ID: <F212ebm4M2S0gUFDKPG00005e2f@hotmail.com>
next in thread | raw e-mail | index | archive | help
Thanks for your reply. I have used Ipfilter,did you mean using port redirecting? rdr fxp0 210.96.1.1 port 80 -> 192.168.1.1 port 80 can it pass though syncache? I know Ipfilter hook the packets in the IP level. >From: Barry Irwin <bvi@itouchlabs.com> >To: zhang jack <jack_zhangcl@hotmail.com> >CC: security@FreeBSD.ORG >Subject: Re: syncache testing >Date: Tue, 16 Jul 2002 04:42:12 +0200 > >Hi > >I'm not overly familiar with the syncache code, but you _may_ be able to >make use of the syncache mitigation by having your server sitting behind the >BSD box, with traffic being natted. A solution that may work better is to >have a reverse proxy of sorts running on the BSD system which proxies >requests to your webservers. > >Barry > > >On Tue 2002-07-16 (02:24), zhang jack wrote: > > > > Hi, > > I am testing syncache on FreeBSD 4.6 stable,and it works fine, > > but I found it *only* protect syn flooding of itself,can it act > > as a gateway( or firewall ) to protect my www server? > > can anyone help me? > >-- >Barry Irwin bvi@itouchlabs.com +27214875177 >Systems Administrator: Networks And Security >iTouch TAS http://www.itouchlabs.com South Africa _________________________________________________________________ 享用世界上最大的电子邮件系统— MSN Hotmail。http://www.hotmail.com/cn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?F212ebm4M2S0gUFDKPG00005e2f>