From owner-freebsd-security  Thu Aug 13 03:14:15 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id DAA04134
          for freebsd-security-outgoing; Thu, 13 Aug 1998 03:14:15 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from mail.ftf.dk (mail.ftf.dk [129.142.64.2])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id DAA04119
          for <freebsd-security@FreeBSD.ORG>; Thu, 13 Aug 1998 03:14:10 -0700 (PDT)
          (envelope-from regnauld@deepo.prosa.dk)
Received: from mail.prosa.dk ([192.168.100.254])
	by mail.ftf.dk (8.8.8/8.8.8/gw-ftf-1.0) with ESMTP id MAA22079;
	Thu, 13 Aug 1998 12:18:41 +0200 (CEST)
	(envelope-from regnauld@deepo.prosa.dk)
Received: from deepo.prosa.dk (deepo.prosa.dk [192.168.100.10])
	by mail.prosa.dk (8.8.8/8.8.5/prosa-1.1) with ESMTP id MAA18294;
	Thu, 13 Aug 1998 12:20:47 +0200 (CEST)
Received: (from regnauld@localhost)
	by deepo.prosa.dk (8.8.8/8.8.5/prosa-1.1) id MAA03523;
	Thu, 13 Aug 1998 12:18:46 +0200 (CEST)
Message-ID: <19980813121846.33945@deepo.prosa.dk>
Date: Thu, 13 Aug 1998 12:18:46 +0200
From: Philippe Regnauld <regnauld@deepo.prosa.dk>
To: Brett Glass <brett@lariat.org>
Cc: Marius Bendiksen <Marius.Bendiksen@scancall.no>,
        freebsd-security@FreeBSD.ORG
Subject: Re: UDP port 31337
References: <199808121735.LAA00738@lariat.lariat.org> <3.0.5.32.19980812192128.0097a2a0@mail.scancall.no> <199808121700.LAA00346@lariat.lariat.org> <Pine.BSF.3.96.980812225354.21008E-100000@aniwa.sky> <3.0.5.32.19980812112915.0092ead0@mail.scancall.no> <3.0.5.32.19980812193700.0092f220@mail.scancall.no> <199808121812.MAA01183@lariat.lariat.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.88e
In-Reply-To: <199808121812.MAA01183@lariat.lariat.org>; from Brett Glass on Wed, Aug 12, 1998 at 12:04:54PM -0600
X-Operating-System: FreeBSD 2.2.6-RELEASE i386
Phone: +45 3336 4148
Address: Ahlefeldtsgade 16, 1359 Copenhagen K, Denmark
Organization: PROSA
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Brett Glass writes:
> If no one was listening, it wouldn't be a problem.
> 
> Only an attacker who INTENDED to invade your systems would be subject to
> crashes due to the response. And would deserve it.

	... provided he hadn't spoofed his source address...

	i.e.: you might be retaliating against some poor guy who didn't ask 
	for it. (I could for example spoof a source address of 206.100.185.2).

	The rare occasions where I've taken down the host at the other
	end, was in cases of _unmistakable_ spammers, as they were sending
	their junk, from dialup Whinedoze machines. (And then again it
	takes time to figure out who's the the real culprit).

-- 
 -[ Philippe Regnauld / sysadmin / regnauld@deepo.prosa.dk / +55.4N +11.3E ]-

               The Internet is busy.  Please try again later.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message