Date: Tue, 25 Jul 2000 03:04:22 -0500 From: Stephen Montgomery-Smith <stephen@math.missouri.edu> To: freebsd-security@FreeBSD.ORG Subject: Re: Problems with natd and simple firewall Message-ID: <397D4A06.9CFAF1FA@math.missouri.edu> References: <397C8F30.8DFCE0E9@math.missouri.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
I am coming to the conclusion that the only reasonably easy way to fix this is that the antispoofing should be done by the program natd. We could add another option to natd that would disallow any outgoing packets sent to an unregistered ip address, and disallow any incoming packets from or to an unregistered ip address. Call it -antispoof. What do you guys think? I think it would be quite an easy job - I would be happy to do it, but if it isn't going to be accepted, I don't want to make the effort. Stephen -- Stephen Montgomery-Smith Department of Mathematics, University of Missouri, Columbia, MO 65211 Phone 573-882-4540, fax 573-882-1869 http://www.math.missouri.edu/~stephen stephen@math.missouri.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?397D4A06.9CFAF1FA>