Re: hiding OS name

From: Klaus Steden (klaus@compt.com)
Date: 07/08/02


Date: Mon, 8 Jul 2002 17:22:51 -0400
From: Klaus Steden <klaus@compt.com>
To: Peter Pentchev <roam@ringlet.net>


>
> I know I'm going to regret posting in this thread, but so be it :)
>
> Does your friend know that, unlikely as it is made by modern ingress and
> egress routing practices, IP spoofing is still not quite ruled out?
> Will your friend's portsentry setup happily blackhole e.g. his ISP's
> nameserver, or the root nameservers, or www.cnn.com's IP addresses,
> simply because somebody found a way to send a TCP SYN packet with a
> forged source address to e.g. your friend's machine's port 3? :)
>
That's his problem, though, not mine. :>

Klaus

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message