From owner-freebsd-security  Fri Jan 21 19: 9:11 2000
Delivered-To: freebsd-security@freebsd.org
Received: from mx2.x-treme.gr (mx2.x-treme.gr [212.120.192.15])
	by hub.freebsd.org (Postfix) with ESMTP id 4216315761
	for <freebsd-security@FreeBSD.ORG>; Fri, 21 Jan 2000 19:08:57 -0800 (PST)
	(envelope-from keramida@diogenis.ceid.upatras.gr)
Received: from hades.hell.gr (pat33.x-treme.gr [212.120.197.225])
	by mx2.x-treme.gr (8.9.3/8.9.3/IPNG-ADV-ANTISPAM-0.1) with ESMTP id FAA29968;
	Sat, 22 Jan 2000 05:08:33 +0200
Received: (from charon@localhost)
	by hades.hell.gr (8.9.3/8.9.3) id FAA27617;
	Sat, 22 Jan 2000 05:06:56 +0200 (EET)
	(envelope-from keramida@diogenis.ceid.upatras.gr)
Date: Sat, 22 Jan 2000 05:06:56 +0200
From: Giorgos Keramidas <charon@hades.hell.gr>
To: Tim Yardley <yardley@uiuc.edu>
Cc: Vladimir Dubrovin <vlad@sandy.ru>, news@technotronic.com,
	bugtraq@securityfocus.com, freebsd-security@FreeBSD.ORG
Subject: Re: explanation and code for stream.c issues
Message-ID: <20000122050656.B27571@hades.hell.gr>
Reply-To: keramida@ceid.upatras.gr
References: <4.2.0.58.20000121112253.012a8f10@students.uiuc.edu> <4.2.0.58.20000121112253.012a8f10@students.uiuc.edu> <8920.000121@sandy.ru> <4.2.0.58.20000121131202.0135ef10@students.uiuc.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0pre3i
In-Reply-To: <4.2.0.58.20000121131202.0135ef10@students.uiuc.edu>
X-PGP-Fingerprint: 62 45 D1 C9 26 F9 95 06  D6 21 2A C8 8C 16 C0 8E
X-Phone-Number: +30-94-6203692, +30-93-2886457
X-Address: Theodorou Kirinaiou 61, 26334 Patra, Greece
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Fri, Jan 21, 2000 at 01:15:27PM -0600, Tim Yardley wrote:
> 
> As was mentioned in the "advisory/explanation" on the issue, ipfw cannot
> deal with the problem due to the fact that it is stateless.
> 
> The attack comes from random ip addresses, therefore throttling like that
> only hurts your connection or solves nothing at all.  In other words, the
> random sourcing and method of the attack, makes a non-stateless firewall
> useless.

Substitute 'stateless' for 'non-stateless' above.  A stateless firewall, like
IPFW is the type of firewall that is useless.

-- Giorgos


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message