RE: attacks
> -----Original Message-----
> From: Mark Ferlatte [mailto:ferlatte@cryptio.net]
> Sent: Tuesday, June 04, 2002 12:34 PM
> To: 'debian'
> Subject: Re: attacks
>
> > You probably want to add some route verification too:
> > for f in /proc/sys/net/ipv4/conf/*/rp_filter; do
> > echo 1 > $f
> > done
>
> Debian turns this on by default, so you don't have to do it by hand.
> But you can if you really want to.
Oh OK, I seem to remember reading that. But, that brings up a point
I've been trying to resolve... would "2" be better? What would be the
implications of using it, more overhead?
> > Anyway, what I would do is block TCP & UDP 0-19. This tosses
>
> What I would do instead is to set your default policy to DROP
Yeah, forgot to mention that the first time around. ;)
Jeff Bonner
--
To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to:
- Follow-Ups:
- I'm new
- From: "Lic. Hector Navarro" <chipo@mvssanluis.net>
- Re: attacks
- From: Mark Ferlatte <ferlatte@cryptio.net>