From owner-freebsd-security  Thu Aug 13 03:18:19 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id DAA04487
          for freebsd-security-outgoing; Thu, 13 Aug 1998 03:18:19 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from lariat.lariat.org (lariat.lariat.org [206.100.185.2])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id DAA04482
          for <freebsd-security@FreeBSD.ORG>; Thu, 13 Aug 1998 03:18:18 -0700 (PDT)
          (envelope-from brett@lariat.org)
Received: (from brett@localhost)
	by lariat.lariat.org (8.8.8/8.8.6) id EAA09424;
	Thu, 13 Aug 1998 04:17:43 -0600 (MDT)
Message-Id: <199808131017.EAA09424@lariat.lariat.org>
X-Sender: brett@127.0.0.1
X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1.0.44 (Beta)
Date: Thu, 13 Aug 1998 04:17:42 -0600
To: Philippe Regnauld <regnauld@deepo.prosa.dk>
From: Brett Glass <brett@lariat.org>
Subject: Re: UDP port 31337
Cc: Marius Bendiksen <Marius.Bendiksen@scancall.no>,
        freebsd-security@FreeBSD.ORG
In-Reply-To: <19980813121846.33945@deepo.prosa.dk>
References: <199808121812.MAA01183@lariat.lariat.org>
 <199808121735.LAA00738@lariat.lariat.org>
 <3.0.5.32.19980812192128.0097a2a0@mail.scancall.no>
 <199808121700.LAA00346@lariat.lariat.org>
 <Pine.BSF.3.96.980812225354.21008E-100000@aniwa.sky>
 <3.0.5.32.19980812112915.0092ead0@mail.scancall.no>
 <3.0.5.32.19980812193700.0092f220@mail.scancall.no>
 <199808121812.MAA01183@lariat.lariat.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

At 12:18 PM 8/13/98 +0200, Philippe Regnauld wrote:
 
>Brett Glass writes:
>> If no one was listening, it wouldn't be a problem.
>> 
>> Only an attacker who INTENDED to invade your systems would be subject to
>> crashes due to the response. And would deserve it.
>
>	... provided he hadn't spoofed his source address...
>
>	i.e.: you might be retaliating against some poor guy who didn't ask 
>	for it. (I could for example spoof a source address of 206.100.185.2).

You're clearly not listening.

Again, the counterattack would do nothing unless it arrived at the system
which was actually being used to conduct the attack.

--Brett Glass

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message