IP filter
What must I realize to use IP filter?. Install a package?. Only modify a
configuration file?. Is it a Linux kernel option?.
My trouble is that I want carry out the below 'nessus' advice:
Vulnerability found on port general/tcp
It was possible
to make the remote server crash
using the 'stream.c' attack.
A cracker may use this attack to
shut down this server, thus
preventing your network from
working properly.
Solution : contact your operating
system vendor for a patch.
Workaround : if you use ***IP filter***,
then add these rules :
block in quick proto tcp from any to any head 100
pass in quick proto tcp from any to any flags S keep state group 100
pass in all
Risk factor : High
--
To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: