[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Why does Debian allow all incoming traffic by default

> [...]
>> >The benefit is that one cannot pinpoint the real attacker, of course.
>> Isn't the same benefit provided by just forging the source address ?
> If all the routers in the path play along... but then, they are all
> broken.

There's also the fact that all those RST packets can come from all over
the place and they come from where they say they come.
So they're a lot more difficult to block, compared to packets with
a forged source address all coming from the same IP.


Reply to: