Date: Sun, 23 Nov 1997 20:51:55 +0300 From: Vladimir Uralsky <uwl@koala.lanck.ru> To: freebsd-security@FreeBSD.ORG Subject: Re: ipfw workaround for syn-loop attack, FreeBSD 2.2.5-STABLE Message-ID: <19971123205155.18430@koala.lanck.ru> In-Reply-To: <Pine.BSF.3.91.971121123958.235N-100000@panda.hilink.com.au>; from Daniel O'Callaghan on Fri, Nov 21, 1997 at 12:49:05PM %2B1100 References: <Pine.BSF.3.96.971120181102.12215A-100000@cyrus.watson.org> <Pine.BSF.3.91.971121123958.235N-100000@panda.hilink.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Nov 21, 1997 at 12:49:05PM +1100, Daniel O'Callaghan wrote: > > Adding this to rc.firewall on FreeBSD is also a good idea. Multi-homed > > hosts require one entry per device, needless to say. > With terminal servers which have IP addresses which move from interface > to interface, the following rules are more generic: Can't understand, what's a difference between a traceroute -s 192.168.1.1 192.168.2.1 where both of them are local addresses of host, and exploit program? Why it isn't crash a 2.2.5? -- Vova.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19971123205155.18430>