Folks,
On Tue, Jan 23, 2001 at 04:33:28PM -0600, An Thi-Nguyen Le wrote:
> [Rainer Weikusat - Tue, 23 Jan 2001 09:41:57 AM CST]
> > David Duffey <email@davidduffey.com> writes:
> > > I highly suggest portsentry and logcheck,
> >
> > Avoid portsentry. It's literally uselesss.
>
> You could list reasons why it's useless. For me, I usually run it in
> stealth mode (no, I'm not afraid of the spoof attack; that's what
> turning on spoof detection in the kernel is for), and it's served me
The Linux kernel's reverse path filter will not protect you from
spoofed packets that originate outside your control. The reverse
path filter is intended to prevent your host from sending/routing
spoofed packets.
The only way under IPv4 be safe from spoofing is for everyone to
implement proper Network Ingress Filtering [RFC2827, BCP0038] on
their networks. Please, read this RFC.
http://www.faqs.org/rfc/rfc2827.txt
Yours sincerely,
-- Mark John Suter | I know that you believe you understand
suter@humbug.org.au | what you think I said, but I am not sure
GPG key id F2FEBB36 | you realise that what you heard is not
Ph: +61 4 1126 2316 | what I meant. anonymous
Attachment:
pgp2xXamCaO3n.pgp
Description: PGP signature