From owner-freebsd-questions Sat Jun 9 0:47:46 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mail.freebsd-corp-net-guide.com (mail.freebsd-corp-net-guide.com [206.29.169.15]) by hub.freebsd.org (Postfix) with ESMTP id 83F4A37B401 for ; Sat, 9 Jun 2001 00:47:43 -0700 (PDT) (envelope-from tedm@toybox.placo.com) Received: from tedm.placo.com (nat-rtr.freebsd-corp-net-guide.com [206.29.168.154]) by mail.freebsd-corp-net-guide.com (8.11.1/8.11.1) with SMTP id f597lWl31124; Sat, 9 Jun 2001 00:47:36 -0700 (PDT) (envelope-from tedm@toybox.placo.com) From: "Ted Mittelstaedt" To: "Cynic" , "Bill Moran" Cc: Subject: RE: IPFW rules and outward connections Date: Sat, 9 Jun 2001 00:47:32 -0700 Message-ID: <003201c0f0b8$70978200$1401a8c0@tedm.placo.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3155.0 Importance: Normal In-Reply-To: <5.1.0.14.2.20010608225129.033afd70@mail.cz> Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG >-----Original Message----- >From: owner-freebsd-questions@FreeBSD.ORG >[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Cynic >Sent: Friday, June 08, 2001 2:00 PM >To: Bill Moran >Cc: freebsd-questions@FreeBSD.ORG >Subject: Re: IPFW rules and outward connections > > >Well, yes. Crackers seem to be mostly 15 years old kids. >Skim this article: http://grc.com/dos/grcdos.htm (and get While this is site is interesting as a writing and web project, just be aware that the author has put it together primariarly as an advertising vehicle to support his speaking career. He claims to be a scientist but you will not find anything on the site that is at all scientific, no technical details of any kind that would lend credibility to anything he says on it, and he routinely ignores any e-mails or technical communication on the topic. In short, you will not find anything on this site that will help you to make your own installation more secure. It's basically a site that has a evangelical fervor of someone attempting to use some wishy-washy technical talk to lead non-techies down some path. >ready to skip some whining about MS including fullblown >sockets implementation in NT 5 and up). Other than that, it's I frankly find this part of his website the most mysterious of all. He claims that Microsoft doing this makes it so that script kiddies can launch _unblockable_ DDoS attacks, and he claims that his site is routinely under such attacks. However, nowhere on the site does he actually provide any details as to what an _unblockable_ DDoS attack actually is. It sure would be nice to know and if he did some of us that know more about IP than he or his Verio engineers do might even be able to suggest a filter that would work. Certainly, he couldn't be worried that publishing the details of what this actually is would help the crackers, according to him they already know how to do it. I'm ust cautioning anyone who goes to this site looking for answers that you won't find any - you will find some very good writing that seems to provide answers and if you get into it you can have a lot of fun reading - but ultimately the site is nothing more than potato chip writing, there's no real meat there. Ted Mittelstaedt tedm@toybox.placo.com Author of: The FreeBSD Corporate Networker's Guide Book website: http://www.freebsd-corp-net-guide.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message