Re: Continuous medium traffic fake Syn packets

From: Seth Arnold (sarnold@wirex.com)
Date: 10/13/02


Date: Sun, 13 Oct 2002 00:22:51 -0700
From: Seth Arnold <sarnold@wirex.com>
To: focus-linux@securityfocus.com


On Fri, Oct 11, 2002 at 12:12:51PM +0200, Philipp Schulte wrote:
> The only way this problem could be really solved is when all ISPs
> start to use ingress-filtering (RFC2267) so no packets with faked
> IP-addresses would leave their network in the first place.

ObPedant: ingress filtering is filtering _incoming_ traffic. Filtering
outgoing traffic is egress filtering. And I would be pleased if more
providers put the effort into filtering their networks' outgoing traffic
to ensure the source host IPs are valid.

-- 
"A mouse can be just as dangerous as a bullet or a bomb."
-- US Representative Lamar Smith (R-Texas)




Relevant Pages

  • RE: FreeBSD router two DSL connections
    ... >> control how traffic goes OUT of your network. ... > filtering is simply wrong. ... el-cheapo DSL routers that are network address translators, ... 7206 VXR's now, any ISP under 10,000 customers can easily ...
    (freebsd-questions)
  • Re: using wireless internet without security
    ... I know that using security (password or Mac-address filtering) is often ... Can virus spread across a wireless network between computers which are ... spreading to you from the internet right now. ...
    (alt.computer.security)
  • Re: IRC-based Olympic Coverage
    ... >>is why nearly every corporate network in existance ... > While ICS has its place, you are too uninformed to realise that other ... Content filtering will be done ... waste money buying a hardware appliance, ...
    (comp.security.firewalls)
  • Re: Unknown computer on home network
    ... >> I'm guessing that you are using a wireless network here. ... >> filtering on your router. ... That way only computers that are entered into ... > MAC filtering can be broken in seconds. ...
    (microsoft.public.windowsxp.network_web)
  • Re: Connection Filtering Allow IPs and Exchange 2003 SP2
    ... >that IMF and connection filtering are different but in the pre-SP2 ... >So we have our internal network in there as well. ...
    (microsoft.public.exchange.admin)