From owner-freebsd-security@FreeBSD.ORG Thu Feb 19 18:13:27 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9100B16A4CE for ; Thu, 19 Feb 2004 18:13:27 -0800 (PST) Received: from caligula.anu.edu.au (caligula.anu.edu.au [150.203.224.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id F36F143D1F for ; Thu, 19 Feb 2004 18:13:26 -0800 (PST) (envelope-from avalon@caligula.anu.edu.au) Received: from caligula.anu.edu.au (localhost [127.0.0.1]) by caligula.anu.edu.au (8.12.9/8.12.9) with ESMTP id i1K2DPbF021728; Fri, 20 Feb 2004 13:13:25 +1100 (EST) Received: (from avalon@localhost) by caligula.anu.edu.au (8.12.9/8.12.8/Submit) id i1K2DPoC021725; Fri, 20 Feb 2004 13:13:25 +1100 (EST) From: Darren Reed Message-Id: <200402200213.i1K2DPoC021725@caligula.anu.edu.au> To: bj93542@yahoo.com (Dorin H) Date: Fri, 20 Feb 2004 13:13:25 +1100 (Australia/ACT) In-Reply-To: <20040220003052.41695.qmail@web12606.mail.yahoo.com> from "Dorin H" at Feb 19, 2004 04:30:52 PM X-Mailer: ELM [version 2.5 PL1] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Mailman-Approved-At: Fri, 20 Feb 2004 02:24:54 -0800 cc: freebsd-security@freebsd.org Subject: Re: traffic normalizer for ipfw? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Feb 2004 02:13:27 -0000 In some mail from Dorin H, sie said: > > True, it's part of IDS. Nevertheless, do you think > that traffic normalizing is useful? No. The worst part of normalizing traffic is that it "tampers" with your evidence that comes in from the network. Darren