From owner-freebsd-questions@FreeBSD.ORG Thu Aug 28 16:25:04 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 76DA216A4BF for ; Thu, 28 Aug 2003 16:25:04 -0700 (PDT) Received: from sccrmhc11.comcast.net (sccrmhc11.comcast.net [204.127.202.55]) by mx1.FreeBSD.org (Postfix) with ESMTP id 881804402B for ; Thu, 28 Aug 2003 16:25:03 -0700 (PDT) (envelope-from freebsd-questions-local@be-well.no-ip.com) Received: from be-well.ilk.org (be-well.no-ip.com[66.30.200.37]) by comcast.net (sccrmhc11) with ESMTP id <200308282325020110035k10e>; Thu, 28 Aug 2003 23:25:02 +0000 Received: from be-well.ilk.org (lowellg.ne.client2.attbi.com [66.30.200.37] (may be forged)) by be-well.ilk.org (8.12.9/8.12.9) with ESMTP id h7SNP2N9048486; Thu, 28 Aug 2003 19:25:02 -0400 (EDT) (envelope-from freebsd-questions-local@be-well.no-ip.com) Received: (from lowell@localhost) by be-well.ilk.org (8.12.9/8.12.6/Submit) id h7SNP1Pq048483; Thu, 28 Aug 2003 19:25:01 -0400 (EDT) X-Authentication-Warning: be-well.ilk.org: lowell set sender to freebsd-questions-local@be-well.ilk.org using -f Sender: lowell@be-well.no-ip.com To: "ZaiD Dashti" References: From: Lowell Gilbert Date: 28 Aug 2003 19:25:01 -0400 In-Reply-To: Message-ID: <447k4x74c2.fsf@be-well.ilk.org> Lines: 16 User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.3 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii cc: freebsd-questions@freebsd.org Subject: Re: how to use firewall ? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Aug 2003 23:25:04 -0000 "ZaiD Dashti" writes: > i got DoS attack > how i can use the firewall ? > i have tried to understand (man ipfw) but i didn't understand it > any easy way to learn and understand firewall (ipfw) The first thing you need to understand is what a firewall does, and what you're protecting. If you don't understand both of those, you need to study up on it -- there is no easy way around that for protecting a public Internet host from a Denial of Service attack. My recommendations for materials in this area are Cheswick, Bellovin (and Rubin, in the latest edition), "Firewalls and Internet Security: Repelling the Wily Hacker", and Zwicky, Cooper, and Chapman, "Building Internet Firewalls".