IP filter

To: <debian-isp@lists.debian.org>
Subject: IP filter
From: "Davi Leal" <david.leal@ene.es>
Date: Wed, 10 Jul 2002 14:49:07 +0200
Message-id: <[🔎] 00cc01c22810$2e259d40$0507e0c2@ene.es>

What must I realize to use IP filter?. Install a package?. Only modify a
configuration file?. Is it a Linux kernel option?.
My trouble is that I want carry out the below 'nessus' advice:




Vulnerability found on port general/tcp


It was possible
to make the remote server crash
using the 'stream.c' attack.

A cracker may use this attack to
shut down this server, thus
preventing your network from
working properly.

Solution : contact your operating
system vendor for a patch.

Workaround : if you use ***IP filter***,
then add these rules :

block in quick proto tcp from any to any head 100
pass in quick proto tcp from any to any flags S keep state group 100
pass in all


Risk factor : High



-- 
To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Prev by Date: Re: Users deleting public_html and log causing Apache to fail startup
Next by Date: Extended find an replace SOS
Previous by thread: Unidentified subject!
Next by thread: Re: IP filter
Index(es):
- Date
- Thread