From owner-freebsd-security  Tue Nov 28 23:10:39 2000
Delivered-To: freebsd-security@freebsd.org
Received: from homer.softweyr.com (bsdconspiracy.net [208.187.122.220])
	by hub.freebsd.org (Postfix) with ESMTP id 1C8C737B400
	for <freebsd-security@freebsd.org>; Tue, 28 Nov 2000 23:10:35 -0800 (PST)
Received: from [127.0.0.1] (helo=softweyr.com ident=Fools trust ident!)
	by homer.softweyr.com with esmtp (Exim 3.16 #1)
	id 1411QF-0000OP-00; Wed, 29 Nov 2000 00:12:55 -0700
Message-ID: <3A24AC77.51EF28C@softweyr.com>
Date: Wed, 29 Nov 2000 00:12:55 -0700
From: Wes Peters <wes@softweyr.com>
Organization: Softweyr LLC
X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.12 i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Nate Williams <nate@yogotech.com>
Cc: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>,
	freebsd-security@FreeBSD.ORG
Subject: Re: NATD: failed to write packet back (Permission denied)
References: <001701c057c4$1e1ac010$0200a8c0@n2>
		<20001126110756.C34151@149.211.6.64.reflexcom.com>
		<000b01c057dd$f9423ab0$0200a8c0@n2>
		<20001126113720.A70192@149.211.6.64.reflexcom.com>
		<3A2183E7.6039C582@FreeBSD.org>
		<20001126140033.E70192@149.211.6.64.reflexcom.com>
		<3A218C5B.9F677E51@FreeBSD.org>
		<200011270130.UAA88239@khavrinen.lcs.mit.edu>
		<3A221402.D88321D8@softweyr.com> <14882.49100.131730.989201@nomad.yogotech.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Nate Williams wrote:
> 
> > Since I have T-1 speeds coming into said basement, it is entirely likely
> > that somebody may notice and attempt to hijack one or more of my machines
> > to use in a DDOS attack.  In fact, somebody already has tried.  And failed.
> 
> Only once?  I'm scanned 3-4 times/day, and weekly get script kiddies
> attempting to do remote exploits.

I get scanned several times a day.  I've only captured one dedicated attack
attempt, using several known attacks on DNS, POP, and telnet.  They didn't
get far, but they did try.

> Having been responsible for monitoring a box on the internet full-time
> since '94, I can't imagine *NOT* using a firewall if you have a
> full-time connection, static IP or not.

Ditto.  In fact, I work full-time building a firewall/router/server for
"ordinary people".  ;^)

-- 
            "Where am I, and what am I doing in this handbasket?"

Wes Peters                                                         Softweyr LLC
wes@softweyr.com                                           http://softweyr.com/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message