RE: Mail relay attempts
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
If you use Iptables and you block spoofed addresses with Iptables,
will that stop the spoofing in their tracks, therefore decreasing the
chance of a DOS?
Sincerely,
Daniel J. Rychlik
" Money does not make the world go round , Gravity does ."
- -----Original Message-----
From: Rolf Kutz [mailto:kutz@netcologne.de]
Sent: Thursday, August 29, 2002 5:18 AM
To: Debian-Security@Lists. Debian. Org
Subject: Re: Mail relay attempts
* Quoting Jones, Steven (sjones08@eds.com):
> Ive found port sentry really good for detecting port scans and then
> routeing the return packets to no where.
That makes you open to DoS-Attacks. Someone could
scan you with spoofed source-IP and disconnect
your box. A tarpit is a much better aproach than a
(dynamic) blocklist.
- - Rolf
- --
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1.1
iQA/AwUBPW37regW0zo5qpEdEQI9XwCgzHZe9C/qZdY+sbKnVaQ3q/CY9aQAn2gi
bQCMFujuUVmVOexSO2eLeYbh
=JyBm
-----END PGP SIGNATURE-----
Reply to: