From owner-freebsd-security  Tue Jul 17 10:26: 4 2001
Delivered-To: freebsd-security@freebsd.org
Received: from mx6.port.ru (mx6.port.ru [194.67.23.42])
	by hub.freebsd.org (Postfix) with ESMTP id 01FF037B403
	for <security@freebsd.org>; Tue, 17 Jul 2001 10:25:40 -0700 (PDT)
	(envelope-from mnvhome@mail.ru)
Received: from f4.int ([10.0.0.51] helo=f4.mail.ru)
	by mx6.port.ru with esmtp (Exim 3.14 #1)
	id 15MYbJ-0009hC-00
	for security@freebsd.org; Tue, 17 Jul 2001 21:25:37 +0400
Received: from mail by f4.mail.ru with local (Exim 3.14 #1)
	id 15MYbJ-000P1q-00
	for security@freebsd.org; Tue, 17 Jul 2001 21:25:37 +0400
Received: from [212.35.160.177] by koi.mail.port.ru with HTTP;
	Tue, 17 Jul 2001 17:25:37 +0000 (GMT)
From: "Nick Maschenko" <mnvhome@mail.ru>
To: security@freebsd.org
Subject: Fw: Re: A question about FreeBSD security
Mime-Version: 1.0
X-Mailer: mPOP Web-Mail 2.19
X-Originating-IP: unknown via proxy [212.35.160.177]
Reply-To: "Nick Maschenko" <mnvhome@mail.ru>
Content-Type: text/plain; charset=koi8-r
Content-Transfer-Encoding: 8bit
Message-Id: <E15MYbJ-000P1q-00@f4.mail.ru>
Date: Tue, 17 Jul 2001 21:25:37 +0400
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org


-----Original Message-----
From: Kris Kennaway <kris@obsecurity.org>
To: Nick Maschenko <mnvhome@mail.ru>
Date: Tue, 17 Jul 2001 09:45:04 -0700
Subject: Re: A question about FreeBSD security

> Ask on security@freebsd.org
> 
> On Tue, Jul 17, 2001 at 03:38:16PM +0400, Nick Maschenko wrote:
> > Hello Kris.
> > Sorry if my question is too stupid. :-)
> > If it is possible for you, would you like to advice me following:
> > 1) some URLs about packet filtering in FreeBSD (ipfw),
> >    examples of  good  ipfw firewalls are preffered.
> > 2) does FreeBSD kernel realize defence against some DoS
> >    attacks like smurf, broadcast, some types of
> >    flooding?
> > I know and i use Linux 2.4.x branch with iptables, which can prevent some DoS attacks by using it's built-in mechanism. Does FreeBSD do somethging like this? For example, i saw how "she" :-) rejects
> > a burst of RST/ACK packets while NMap scanning (stealth scan). If you do not want to answer in details, please advice me some URL(s) where i can read about this myself.
> > Best regards. Nick.
> > 
> > ---
> 
> 
> 

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message