From owner-freebsd-security  Thu Jun 10  8:47:13 1999
Delivered-To: freebsd-security@freebsd.org
Received: from pinochet.cityline.ru (pinochet.cityline.ru [195.46.160.34])
	by hub.freebsd.org (Postfix) with ESMTP id C818014BF8
	for <freebsd-security@FreeBSD.ORG>; Thu, 10 Jun 1999 08:46:56 -0700 (PDT)
	(envelope-from ratebor@cityline.ru)
Received: from ppp36-5-75.cityline.ru (ppp36-5-75.cityline.ru [195.46.165.75])
	by pinochet.cityline.ru (8.9.2/t/08-Oct-1998) with SMTP id TAA09631
	for <freebsd-security@FreeBSD.ORG>; Thu, 10 Jun 1999 19:43:52 +0400 (MSD)
Date: Thu, 10 Jun 1999 19:39:59 +0400
From: Dmitriy Bokiy <ratebor@cityline.ru>
X-Mailer: The Bat! (v1.32) UNREG / CD5BF9353B3B7091
Reply-To: Dmitriy Bokiy <ratebor@cityline.ru>
X-Priority: 3 (Normal)
Message-ID: <18819.990610@cityline.ru>
To: freebsd-security@FreeBSD.ORG
Subject: Newbie questions: DoS & xinetd
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Hi all,

1)I've been wondering how FreeBSD (3.1-Stable, inetd - some_version -
how is it obtained?) can handle these DoS attacks: ICMP Redirect,SYN Flood.

Specifically I`m interested in knowing about those kernels variables
and inetd options which are known to change the default behavior.
I found this: net.inet.ip.redirect=1. Is it bad?

2)Is it worth moving to/making use of xinetd?

Thanks for any bit of information.

- Dmitriy




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message