Date:      Wed, 10 Oct 2001 11:41:51 +0300
From:      ANdrei <andrei@abc.ro>
To:        freebsd-security@FreeBSD.ORG
Cc:        Randy Lee <bl33z@yahoo.com>
Subject:   Re: ipfw - DoS ?
Message-ID:  <3BC409CF.BC11F35E@abc.ro>
References:  <20011009233730.11902.qmail@web20907.mail.yahoo.com> <200110100334.f9A3Yoh91437@oksala.org>

anyhow, answering how to deny:

  deny ip from any to any 3072

or (a bit different and in the rc.firewall-file format):

  ${fwcmd} add <nr_of_rule> unreach net all from any to any 3072

this answers with icmp "net unreachable"...


but it's better you choose a closed policy for default, and then you
configure your firewall to pass through only what you want...
maybe i'm wrong, but i guess this is best to do...


aloha,
ANdrei



> > Is someone DoS'ing my server ?
> >
> > How can i deny all connections from port :3072 and
> > :1024 using ipfw ?
> 
> I think it's useless to block non-listening ports
> So it's certainly a port scan. Don't worry about it.
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message

-- 
"I live in my own little world - but it's ok, they know me here!"





Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3BC409CF.BC11F35E>
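
The closed default policy suggested in the message above, sketched in rc.firewall style. This is an added example, not part of the original e-mail or of FreeBSD's own rc.firewall; the allowed ports (22, 80), the rule numbers and the dry-run default for fwcmd are assumptions.

```shell
#!/bin/sh
# Added example, not from the original message: a closed-policy ipfw ruleset
# written in rc.firewall style. The service ports and rule numbers are assumed.

# Dry run by default: commands are printed, not executed.
# Set fwcmd="/sbin/ipfw" (as root) to load the rules for real.
# Do that from the console: flushing over ssh can cut your own session.
fwcmd="${fwcmd:-echo /sbin/ipfw}"
allowed_tcp="${allowed_tcp:-22 80}"   # assumed inbound services; edit for your host

closed_ruleset() {
    ${fwcmd} -f flush

    # Loopback traffic is fine; spoofed 127/8 on other interfaces is not.
    ${fwcmd} add 100 pass all from any to any via lo0
    ${fwcmd} add 200 deny all from any to 127.0.0.0/8
    ${fwcmd} add 300 deny all from 127.0.0.0/8 to any

    # Stateful handling: replies to traffic this host started are matched here.
    ${fwcmd} add 1000 check-state
    ${fwcmd} add 1100 pass tcp from me to any setup keep-state
    ${fwcmd} add 1200 pass udp from me to any keep-state

    # Pass through only what you want: one rule per published service.
    nr=2000
    for port in ${allowed_tcp}; do
        ${fwcmd} add ${nr} pass tcp from any to me ${port} setup keep-state
        nr=$((nr + 10))
    done

    # Explicit final deny, so the policy is closed even if the kernel's
    # built-in rule 65535 was compiled as "allow" (IPFIREWALL_DEFAULT_TO_ACCEPT).
    # Probes to unlisted ports such as 1024 or 3072 end here; no per-port rule.
    ${fwcmd} add 65000 deny all from any to any
}

closed_ruleset
```

With this layout there is nothing to add for individual scanned ports: anything not listed in allowed_tcp is dropped by rule 65000.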