Date: Mon, 2 May 2005 12:32:32 -0500 (GMT-05:00) From: gandalf@digital.net To: c0ldbyte <c0ldbyte@myrealbox.com> Cc: freebsd-net@freebsd.org Subject: Re: FreeBSD and the Rose Attack / NewDawn Message-ID: <11765553.1115055152501.JavaMail.root@wamui01.slb.atl.earthlink.net>
next in thread | raw e-mail | index | archive | help
Greetings and Salutations: From: c0ldbyte <c0ldbyte@myrealbox.com> > On Mon, 2 May 2005 gandalf@digital.net wrote: >> I *just* got my FreeBSD setup stable and working with a KDE >> GUI. :-). I know, easy for you guys but this is the first time I >> have set up FreeBSD with automatic updates. I settled on >> FreeBSD 5.4 after many tries. > Works nicely if you have access to root on a local machine for lan use Exactly. Works in Windows also if you work hard enough. > and the machines have been compiled with bpf support. Other then that Berkeley Packet Filter is (of course) enabled by default in the GENERIC kernel config with the comment that you need bpf for DHCP. > my testing on these cases over the net "internet" have not yielded any > proposed results to effect FreeBSD machines. Tried on 4.x & 5.x. > Any other proof that this yields anything that we need to worry about?. I haven't really tried extensive testing "over the internet" and I guess that would be my question. Unless you have some kind of filter between you an the target machine then I assume that the DOS would work as well across "The Internet" as it would locally. Routers should pass fragmented packets same as any other kind of traffic. What am I missing? I am thinking of the case where someone has a FreeBSD machine set up as their "corporate" firewall. Ken ------------------------------------------------------------------ Do not meddle in the affairs of wizards for they are subtle and quick to anger. Ken Hollis - Gandalf The White - gandalf@digital.net - O- TINLC WWW Page - http://gandalf.home.digital.net/ Trace E-Mail forgery - http://gandalf.home.digital.net/spamfaq.html Trolls crossposts - http://gandalf.home.digital.net/trollfaq.html
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?11765553.1115055152501.JavaMail.root>