On Sun, Sep 23, 2001 at 02:08:40PM +1000, Sam Couter wrote: > Karl E. Jorgensen <karl@jorgensen.com> wrote: > > Doesn't this leave you open to DOS attacks? I'm thinking that source IP > > addresses are relatively easy to forge, and hence an attacher can forge > > a nimda attach and cause you to block off legitimate IP addresses - > > ie. your DNS server our default gateway... > > To forge a Nimda attack would require you to forge a TCP connection. That's > not easy, unless the attacker is on the network path to the forged address. Obvious, but true. I stand(/sit?) corrected. > -- > Sam Couter | Internet Engineer | http://www.topic.com.au/ > sam@topic.com.au | tSA Consulting | > OpenPGP key ID: DE89C75C, available on key servers > OpenPGP fingerprint: A46B 9BB5 3148 7BEA 1F05 5BD5 8530 03AE DE89 C75C -- Karl E. Jørgensen karl@jorgensen.com www.karl.jorgensen.com ==== Today's fortune: We don't know who it was that discovered water, but we're pretty sure that it wasn't a fish. -- Marshall McLuhan
Attachment:
pgp9p9j4ejmHL.pgp
Description: PGP signature