Date: Tue, 14 Dec 1999 08:09:33 -0500 From: Mike Tancsa <mike@sentex.net> To: pccb@yahoo.com Cc: freebsd-security@freebsd.org Subject: Re: Why use a Firewall? Message-ID: <4.1.19991214075631.03f07780@granite.sentex.ca> In-Reply-To: <3855E2B4.59CDD2FD@yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
At 01:24 AM 12/14/99 , Pierre Chiu wrote: >>Spoofed addresses for one thing. There are many reasons. Sometimes if >I don't think firewall can stop spoofed ip. >It can stop non-routable ip like (192.168.1.1), but if your ip is >24.112.1.1 and you spoofed it as 24.118.1.1, I doubt firewall can detect >it. Of course it can. e.g. if your network inside is 123.123.123.0/24 and your interface to the outside world, fxp0 ipfw add 100 deny log ip from 123.123.123.123 in via fxp0 ---Mike ********************************************************************** Mike Tancsa * mike@sentex.net Sentex Communications Corp, * http://www.sentex.net/mike Cambridge, Ontario * 519 651 3400 Canada * To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.1.19991214075631.03f07780>