Date: Sat, 05 Dec 1998 09:14:21 GMT From: "C. Peter Constantinidis" <pc@shaw.wave.ca> To: Matthew Dillon <dillon@apollo.backplane.com> Cc: freebsd-current@FreeBSD.ORG Subject: Re: D.O.S. attack protection enhancements commit (ICMP_BANDLIM) Message-ID: <3668f84f.12730770@mail.tor.shaw.wave.ca> In-Reply-To: <199812010607.WAA03051@apollo.backplane.com> References: <199812010607.WAA03051@apollo.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi.. I don't know if you've committed this yet or not. But from what I can
tell you from personal experience, being threatened with smurfs on irc, etc.
As well as knowing many linux script kiddiez that just foam at the mouth to
find some, any, loophole that can be used to screw things up..
If your proposal makes things safer, then it should go in.
This is part of the reason that I lean towards FreeBSD rather than Linux..
it's not as widely popular or 'known'.. so the attacks for it are not as
numerous.. if the kiddiez knew all one had to do was overload the mbuf, then
they would do it daily. (And of course, the FreeBSD community doesn't seem
composed of children.)
So yeah, I like the sounds of a rate limiting feature by default.
P.
--
pc@shaw.wave.ca
DSS/D-H: 0x81F1BC09 DFD1 D149 40BD 8139 05D5 D8FA 2BA4 E143 81F1 BC09
RSA: 0x6DC376E5 0AE1 0FB7 A43A 0818 3EC4 F2DD 1458 EFCE
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3668f84f.12730770>