Re: xinetd /etc/host.deny ALL:PARANOID

To: debian-isp@lists.debian.org, debian-user@lists.debian.org
Subject: Re: xinetd /etc/host.deny ALL:PARANOID
From: wagnerc@plebeian.com (Chris Wagner)
Date: Thu, 10 Jan 2002 23:56:51 -0500
Message-id: <[🔎] 200201110456.g0B4upp04932@mail.goodnews.net>

At 04:22 AM 1/11/02 +0100, martin f krafft wrote:
>a bogus IP won't even make it past OSI layer 4 on debian... rp_filter...

There are ways of doing it such that the box has NO WAY of knowing that the
traffic is spoofed.  Granted, that is hard to do.  Even paranoid lookups can
be overcome.  But it's just one more layer of defense and one more thing an
attacker has to contend with.

>interesting signature. serious or not?

But of course.

--
REMEMBER THE WORLD TRADE CENTER         ---=< WTC 911 >=--

00000100

Reply to:

Follow-Ups:
- Re: xinetd /etc/host.deny ALL:PARANOID
  - From: martin f krafft <madduck@madduck.net>

Prev by Date: Re: xinetd /etc/host.deny ALL:PARANOID
Next by Date: Re: xinetd /etc/host.deny ALL:PARANOID
Previous by thread: Re: xinetd /etc/host.deny ALL:PARANOID
Next by thread: Re: xinetd /etc/host.deny ALL:PARANOID
Index(es):
- Date
- Thread