Date: Wed, 21 Apr 2004 22:01:57 +0000 (GMT) From: "E.B. Dreger" <eddy+public+spam@noc.everquick.net> To: Mike Tancsa <mike@sentex.net> Cc: freebsd-security@freebsd.org Subject: Re: Other possible protection against RST/SYN attacks (was Re: TCP RST attack Message-ID: <Pine.LNX.4.44.0404212200270.21896-100000@a.mx.ict1.everquick.net> In-Reply-To: <6.0.3.0.0.20040421121715.04547510@209.112.4.2>
next in thread | previous in thread | raw e-mail | index | archive | help
MT> Date: Wed, 21 Apr 2004 12:30:40 -0400 MT> From: Mike Tancsa MT> If the attacker were on the same subnet this would not do MT> anything, but you have larger problems if this is the case. Indeed. Anti-spoofing, per-switchport MAC restrictions, and hardcoded ARP entries for routers all go a long way toward improving security. :-) Eddy -- EverQuick Internet - http://www.everquick.net/ A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/ Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 785 865 5885 Lawrence and [inter]national Phone: +1 316 794 8922 Wichita _________________________________________________________________ DO NOT send mail to the following addresses : blacklist@brics.com -or- alfra@intc.net -or- curbjmp@intc.net Sending mail to spambait addresses is a great way to get blocked.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.44.0404212200270.21896-100000>