Date:      Sat, 11 Nov 2006 20:19:33 +0100
From:      Dan Lukes <dan@obluda.cz>
To:        freebsd-security@freebsd.org
Subject:   Re: src/etc/rc.firewall simple ${fw_pass} tcp from any to any	established
Message-ID:  <45562245.8070804@obluda.cz>
In-Reply-To: <216597.35069.qm@web30315.mail.mud.yahoo.com>
References:  <216597.35069.qm@web30315.mail.mud.yahoo.com>

R. B. Riddick napsal/wrote, On 11/11/06 20:00:
>> But I was scared, not understanding what the established bit did, &
>> how easily an attacker might fake something, etc.
...
>> Should I still be worrying about established?

> Hmm... I personally use "check-states" and "keep-state", so that it is not

	Stateful rules can stop the sophisticated intruder, but are often more 
vulnerable to DoS attacks.

	Every method has pros and cons ...

					Dan

	

-- 
Dan Lukes                                   SISAL MFF UK
AKA: dan@obluda.cz, dan@freebsd.cz,dan@kolej.mff.cuni.cz


