Re: stoping net scans

To: José A. Guzmán <jose@iteso.mx>
Cc: debian-firewall@lists.debian.org
Subject: Re: stoping net scans
From: Bernd Eckenfels <lists@lina.inka.de>
Date: Sat, 12 Apr 2003 19:23:43 +0200
Message-id: <[🔎] 20030412172343.GA5770@lina.inka.de>
In-reply-to: <[🔎] 1050166210.3e9843c2cf485@correo.iteso.mx>
References: <[🔎] 1050166210.3e9843c2cf485@correo.iteso.mx>

On Sat, Apr 12, 2003 at 11:50:10AM -0500, José A. Guzmán wrote:
>  What are you guys using to block incoming port scans?

It is not a good idea to do this, since it opens deny of service attacks a
big window. The attacker has only to spoof important ip addresses and your
firewall will happyly block them.

Also there is no gain in stopping netscans if you are not vulnerable in the
first place.

Greetings
Bernd
-- 
  (OO)      -- Bernd_Eckenfels@Wendelinusstrasse39.76646Bruchsal.de --
 ( .. )  ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/
  o--o     *plush*  2048/93600EFD  eckes@irc  +497257930613  BE5-RIPE
(O____O)  When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!

Reply to:

References:
- stoping net scans
  - From: José A. Guzmán <jose@iteso.mx>

Prev by Date: stoping net scans
Next by Date: Re: stoping net scans
Previous by thread: stoping net scans
Next by thread: Re: stoping net scans
Index(es):
- Date
- Thread