Date: Thu, 13 Aug 1998 12:18:46 +0200 From: Philippe Regnauld <regnauld@deepo.prosa.dk> To: Brett Glass <brett@lariat.org> Cc: Marius Bendiksen <Marius.Bendiksen@scancall.no>, freebsd-security@FreeBSD.ORG Subject: Re: UDP port 31337 Message-ID: <19980813121846.33945@deepo.prosa.dk> In-Reply-To: <199808121812.MAA01183@lariat.lariat.org>; from Brett Glass on Wed, Aug 12, 1998 at 12:04:54PM -0600 References: <199808121735.LAA00738@lariat.lariat.org> <3.0.5.32.19980812192128.0097a2a0@mail.scancall.no> <199808121700.LAA00346@lariat.lariat.org> <Pine.BSF.3.96.980812225354.21008E-100000@aniwa.sky> <3.0.5.32.19980812112915.0092ead0@mail.scancall.no> <3.0.5.32.19980812193700.0092f220@mail.scancall.no> <199808121812.MAA01183@lariat.lariat.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Brett Glass writes:
> If no one was listening, it wouldn't be a problem.
>
> Only an attacker who INTENDED to invade your systems would be subject to
> crashes due to the response. And would deserve it.
... provided he hadn't spoofed his source address...
i.e.: you might be retaliating against some poor guy who didn't ask
for it. (I could for example spoof a source address of 206.100.185.2).
The rare occasions where I've taken down the host at the other
end, was in cases of _unmistakable_ spammers, as they were sending
their junk, from dialup Whinedoze machines. (And then again it
takes time to figure out who's the the real culprit).
--
-[ Philippe Regnauld / sysadmin / regnauld@deepo.prosa.dk / +55.4N +11.3E ]-
The Internet is busy. Please try again later.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980813121846.33945>