Re: Defense against "Code Rainbow"

From: Brett Glass (
Date: 09/19/01

Date: Wed, 19 Sep 2001 14:37:10 -0600
To: Erick Mechler <>
From: Brett Glass <>

At 11:55 AM 9/19/2001, Erick Mechler wrote:

>What about using TCP wrapers? I'm not sure of the performance implications
>of doing so, but maybe it's worth a shot.

Apache doesn't play very well with TCP wrappers, as it likes to manage its
own sockets and process pool. Also, a wrapper wouldn't eliminate the overhead of
opening a socket. I'm trying to block the packets before that happens.


To Unsubscribe: send mail to
with "unsubscribe freebsd-security" in the body of the message