Folks, On Tue, Jan 23, 2001 at 04:33:28PM -0600, An Thi-Nguyen Le wrote: > [Rainer Weikusat - Tue, 23 Jan 2001 09:41:57 AM CST] > > David Duffey <email@davidduffey.com> writes: > > > I highly suggest portsentry and logcheck, > > > > Avoid portsentry. It's literally uselesss. > > You could list reasons why it's useless. For me, I usually run it in > stealth mode (no, I'm not afraid of the spoof attack; that's what > turning on spoof detection in the kernel is for), and it's served me The Linux kernel's reverse path filter will not protect you from spoofed packets that originate outside your control. The reverse path filter is intended to prevent your host from sending/routing spoofed packets. The only way under IPv4 be safe from spoofing is for everyone to implement proper Network Ingress Filtering [RFC2827, BCP0038] on their networks. Please, read this RFC. http://www.faqs.org/rfc/rfc2827.txt Yours sincerely, -- Mark John Suter | I know that you believe you understand suter@humbug.org.au | what you think I said, but I am not sure GPG key id F2FEBB36 | you realise that what you heard is not Ph: +61 4 1126 2316 | what I meant. anonymous
Attachment:
pgp2xXamCaO3n.pgp
Description: PGP signature