From owner-freebsd-questions Wed Feb 12 14:43: 1 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AE49337B401 for ; Wed, 12 Feb 2003 14:43:00 -0800 (PST) Received: from smtp.netcabo.pt (smtp.netcabo.pt [212.113.174.9]) by mx1.FreeBSD.org (Postfix) with ESMTP id AE05E43FBD for ; Wed, 12 Feb 2003 14:42:35 -0800 (PST) (envelope-from andre.ramos@netcabo.pt) Received: from [81.84.50.179] ([81.84.50.179]) by smtp.netcabo.pt with Microsoft SMTPSVC(5.0.2195.5329); Wed, 12 Feb 2003 22:41:37 +0000 Subject: Re: portsentry in combination with ipfilter From: =?ISO-8859-1?Q?Andr=E9?= Ramos To: Stephen Hilton Cc: Redmond Militante , freebsd-questions@FreeBSD.ORG In-Reply-To: <20030211235530.376a5763.nospam@hiltonbsd.com> References: <20030212043806.GA1267@darkpossum> <3662.10.0.0.2.1045025758.squirrel@mail.karamazov.org> <20030212050509.GA1381@darkpossum> <20030211235530.376a5763.nospam@hiltonbsd.com> Content-Type: text/plain Organization: Message-Id: <1045089438.13088.3.camel@localhost> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.2.1 Date: 12 Feb 2003 22:37:18 +0000 Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 12 Feb 2003 22:41:38.0038 (UTC) FILETIME=[E7580960:01C2D2E7] Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, 2003-02-12 at 05:55, Stephen Hilton wrote: > What bothers me about this method of defense is the possibilty > of an attacker causing a DOS by spoofing their source scan IP > and causing your system to deny traffic from a vaild host like > your upstream DNS server. You can add your DNS server to the portsentry.ignore configuration file so that it never get's blocked. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message