Date: Sat, 11 Nov 2006 20:19:33 +0100
From: Dan Lukes <dan@obluda.cz>
To: freebsd-security@freebsd.org
Subject: Re: src/etc/rc.firewall simple ${fw_pass} tcp from any to any established
Message-ID: <45562245.8070804@obluda.cz>
In-Reply-To: <216597.35069.qm@web30315.mail.mud.yahoo.com>
References: <216597.35069.qm@web30315.mail.mud.yahoo.com>

R. B. Riddick wrote, On 11/11/06 20:00:
>> But I was scared, not understand what the established bit did, &
>> how easily an attacker might fake something, etc. ...
>> Should I still be worrying about established ?
> Hmm... I personally use "check-states" and "keep-state", so that it is not

Stateful rules can stop the sophisticated intruder, but are often more
vulnerable to DoS attacks.

Every method has pros and cons ...

Dan

--
Dan Lukes SISAL MFF UK
AKA: dan@obluda.cz, dan@freebsd.cz, dan@kolej.mff.cuni.cz
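
An added example, not part of the original message or of rc.firewall: a toy Python model of the trade-off discussed in this thread, comparing a flag-only `established` match with a state table in the style of `keep-state` / `check-state`. The packet fields, the `StateTable` class, the addresses and the table cap are assumptions made for illustration.

```python
from collections import namedtuple

# Constructed packet model: only the fields the two rule styles inspect.
Pkt = namedtuple("Pkt", "src sport dst dport flags")

def matches_established(pkt):
    """Stateless 'established' test: any TCP packet with ACK or RST set."""
    return bool(pkt.flags & {"A", "R"})

class StateTable:
    """Toy model of keep-state / check-state with a capped dynamic table."""

    def __init__(self, max_states):
        self.max_states = max_states  # assumed cap on dynamic entries
        self.flows = set()

    @staticmethod
    def _key(pkt):
        # Same key for both directions of one flow.
        return frozenset([(pkt.src, pkt.sport), (pkt.dst, pkt.dport)])

    def keep_state(self, pkt):
        """Record a flow on a setup packet (SYN without ACK); False if refused."""
        if "S" not in pkt.flags or "A" in pkt.flags:
            return False
        key = self._key(pkt)
        if key not in self.flows and len(self.flows) >= self.max_states:
            return False  # table full: new flows are refused
        self.flows.add(key)
        return True

    def check_state(self, pkt):
        """Pass only packets that belong to a recorded flow."""
        return self._key(pkt) in self.flows

def compare():
    """Return (established, check_state) verdicts for constructed packets."""
    table = StateTable(max_states=3)
    table.keep_state(Pkt("10.0.0.5", 40000, "192.0.2.10", 80, frozenset("S")))
    reply = Pkt("192.0.2.10", 80, "10.0.0.5", 40000, frozenset("SA"))
    stray = Pkt("198.51.100.7", 4444, "10.0.0.5", 22, frozenset("A"))
    return {
        "reply": (matches_established(reply), table.check_state(reply)),
        "stray": (matches_established(stray), table.check_state(stray)),
    }

if __name__ == "__main__":
    print(compare())
```

The flag-only match accepts both packets, while the state table accepts only the reply to a recorded flow; the price is a finite table that refuses new flows once it is full.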