Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 18 Jul 2001 11:47:37 +0600
From:      "Sergey N. Voronkov" <serg@tmn.ru>
To:        Nick Maschenko <mnvhome@mail.ru>
Cc:        security@FreeBSD.ORG
Subject:   Re: Fw: Re: A question about FreeBSD security
Message-ID:  <20010718114737.A53934@sv.tech.sibitex.tmn.ru>
In-Reply-To: <E15MYbJ-000P1q-00@f4.mail.ru>; from mnvhome@mail.ru on Tue, Jul 17, 2001 at 09:25:37PM %2B0400
References:  <E15MYbJ-000P1q-00@f4.mail.ru>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Tue, Jul 17, 2001 at 09:25:37PM +0400, Nick Maschenko wrote:
> 
> -----Original Message-----
> From: Kris Kennaway <kris@obsecurity.org>
> To: Nick Maschenko <mnvhome@mail.ru>
> Date: Tue, 17 Jul 2001 09:45:04 -0700
> Subject: Re: A question about FreeBSD security
> 
> > Ask on security@freebsd.org
> > 
> > On Tue, Jul 17, 2001 at 03:38:16PM +0400, Nick Maschenko wrote:
> > > Hello Kris.
> > > Sorry if my question is too stupid. :-)
> > > If it is possible for you, would you like to advice me following:
> > > 1) some URLs about packet filtering in FreeBSD (ipfw),
> > >    examples of  good  ipfw firewalls are preffered.

I prefer to use IPF 'cose of it's stateful filtering.

man security
man 4 ipf
man 5 ipf
man ipfw
more /etc/rc.firewall
cd /usr/src/contrib/ipfilter/rules; for arg in *; do more $arg; done;

> > > 2) does FreeBSD kernel realize defence against some DoS
> > >    attacks like smurf, broadcast, some types of
> > >    flooding?

Yes. See above.

> > > I know and i use Linux 2.4.x branch with iptables, which can prevent 
> some DoS attacks by using it's built-in mechanism. Does FreeBSD do 
> somethging like this? For example, i saw how "she" :-) rejects
> > > a burst of RST/ACK packets while NMap scanning (stealth scan). If you 
> do not want to answer in details, please advice me some URL(s) where i can 
> read about this myself.
> > > Best regards. Nick.

http://www.freebsdzine.org/
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/security.html

Bye!

Serg N. Voronkov.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010718114737.A53934>