RE: Mail relay attempts

To: "'Rolf Kutz'" <kutz@netcologne.de>, "'Debian-Security@Lists. Debian. Org'" <debian-security@lists.debian.org>
Subject: RE: Mail relay attempts
From: "Daniel J. Rychlik" <daniel@rychlik.ws>
Date: Thu, 29 Aug 2002 05:47:10 -0500
Message-id: <[🔎] 000001c24f49$6d836610$0700000a@mars>
Reply-to: <daniel@rychlik.ws>
In-reply-to: <[🔎] 20020829101734.GC20449@afrika>

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

If you use Iptables and you block spoofed addresses with Iptables,
will that stop the spoofing in their tracks, therefore decreasing the
chance of a DOS?  

Sincerely,

Daniel J. Rychlik
" Money does not make the world go round , Gravity does ."



- -----Original Message-----
From: Rolf Kutz [mailto:kutz@netcologne.de] 
Sent: Thursday, August 29, 2002 5:18 AM
To: Debian-Security@Lists. Debian. Org
Subject: Re: Mail relay attempts


* Quoting Jones, Steven (sjones08@eds.com):

> Ive found port sentry really good for detecting port scans and then
>  routeing the return packets to no where.

That makes you open to DoS-Attacks. Someone could
scan you with spoofed source-IP and disconnect
your box. A tarpit is a much better aproach than a
(dynamic) blocklist.

- - Rolf


- -- 
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1.1

iQA/AwUBPW37regW0zo5qpEdEQI9XwCgzHZe9C/qZdY+sbKnVaQ3q/CY9aQAn2gi
bQCMFujuUVmVOexSO2eLeYbh
=JyBm
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: Mail relay attempts
  - From: Dale Amon <amon@vnl.com>
- Re: Mail relay attempts
  - From: Nathan E Norman <nnorman@micromuse.com>

References:
- Re: Mail relay attempts
  - From: Rolf Kutz <kutz@netcologne.de>

Prev by Date: Re: Mail relay attempts
Next by Date: Re: Mail relay attempts
Previous by thread: Re: Mail relay attempts
Next by thread: Re: Mail relay attempts
Index(es):
- Date
- Thread