Re: [fw-wiz] Wayyy too many spoofed packets
From: Chris de Vidal (chris_at_devidal.tv)
Date: 11/21/03
- Previous message: Karl D. Mueller: "RE: [fw-wiz] Skip the PDM"
- In reply to: Paul Robertson: "Re: [fw-wiz] Wayyy too many spoofed packets"
- Next in thread: Chris de Vidal: "RE: [fw-wiz] Wayyy too many spoofed packets"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "Paul Robertson" <proberts@patriot.net> Date: Fri, 21 Nov 2003 15:40:02 -0500 (EST)
Paul Robertson said:
> It's probably just weird broadcast handling, since once your workstation
> puts the packets out on the wire, and the destination is broadcast, it's
> obligated to accept them off the wire so that an application can handle
> them.
Ahh, now that makes sense. The packet is being broadcast and the sending
interface is also the recieving interface and I get a match.
I'll see if I can add broadcast ignoring to that spoof protection.
Thanks!
/dev/idal
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Karl D. Mueller: "RE: [fw-wiz] Skip the PDM"
- In reply to: Paul Robertson: "Re: [fw-wiz] Wayyy too many spoofed packets"
- Next in thread: Chris de Vidal: "RE: [fw-wiz] Wayyy too many spoofed packets"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
