Re: options TCP_DROP_SYNFIN
From: Dag-Erling Smorgrav (des@ofug.org)
Date: 01/13/02
- Next message: Simon Siemonsma: "Which intrusion detection to use?"
- Previous message: Jay-P: "(no subject)"
- In reply to: Bill Fumerola: "Re: options TCP_DROP_SYNFIN"
- Next in thread: Dag-Erling Smorgrav: "Re: options TCP_DROP_SYNFIN"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Bill Fumerola <billf@mu.org> From: Dag-Erling Smorgrav <des@ofug.org> Date: 13 Jan 2002 05:16:52 +0100
Bill Fumerola <billf@mu.org> writes:
> On Sat, Jan 12, 2002 at 04:32:52PM +0100, Dag-Erling Smorgrav wrote:
> > You've never run an IRC server, have you?
> is that the requirement for commenting?
No, but his comments made it clear that he was not familiar with the
attack patterns IRC servers were subject to.
> ok, i don't see any reasons why
> this is a kernel option when the exact same functionality is available
> from both firewall facilities we currently ship.
Overhead. That might not be an issue anymore, though. I don't know
how fast ipfw is these days.
DES
-- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
- Next message: Simon Siemonsma: "Which intrusion detection to use?"
- Previous message: Jay-P: "(no subject)"
- In reply to: Bill Fumerola: "Re: options TCP_DROP_SYNFIN"
- Next in thread: Dag-Erling Smorgrav: "Re: options TCP_DROP_SYNFIN"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
