From owner-freebsd-security Wed Dec 8 14:36:45 1999 Delivered-To: freebsd-security@freebsd.org Received: from atdot.dotat.org (atdot.dotat.org [150.101.89.3]) by hub.freebsd.org (Postfix) with ESMTP id 0B0DB14A29 for ; Wed, 8 Dec 1999 14:36:38 -0800 (PST) (envelope-from newton@atdot.dotat.org) Received: (from newton@localhost) by atdot.dotat.org (8.9.3/8.7) id JAA07820; Thu, 9 Dec 1999 09:02:04 +1030 (CST) Date: Thu, 9 Dec 1999 09:02:04 +1030 From: Mark Newton To: Adam Laurie Cc: "Scott I. Remick" , freebsd-security@FreeBSD.ORG Subject: Re: What kind of attack is this? Message-ID: <19991209090204.E7509@atdot.dotat.org> References: <4.2.2.19991208162315.00b5f4e0@mail.computeralt.com> <19991209083140.A7509@atdot.dotat.org> <384ED7F4.61804910@algroup.co.uk> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="cHMo6Wbp1wrKhbfi" X-Mailer: Mutt 1.0i In-Reply-To: <384ED7F4.61804910@algroup.co.uk>; from adam@algroup.co.uk on Wed, Dec 08, 1999 at 10:13:08PM +0000 X-PGP-Key: http://slash.dotat.org/~newton/pgpkey.txt Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org --cHMo6Wbp1wrKhbfi Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable On Wed, Dec 08, 1999 at 10:13:08PM +0000, Adam Laurie wrote: > > ipfw add pass udp from any GOODPORT to any in via OUTSIDE-INTERFACE > > i in via OUTSIDE-INTERFACE > > ipfw add pass all from any to any >=20 > No, that would be bad. If they can spoof their address, they can > certainly spoof the source port (get a copy of netcat (respex to hobbit) > and have a play if you don't believe it). Yes, I know that, but under the circumstances can you think of any better ideas? :-) - mark -------------------------------------------------------------------- I tried an internal modem, newton@atdot.dotat.org but it hurt when I walked. Mark Newton ----- Voice: +61-4-1620-2223 ------------- Fax: +61-8-82231777 ----- --cHMo6Wbp1wrKhbfi Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use MessageID: J8fISUaNkofDdsuMEOLqbnNwUzVRPkgf iQA/AwUBOE7cYzVY9oBk/GJ4EQIrzwCfSK8lJ8W/9JxbFaG1CzeXI/7yxk0AnjQt 0NO3sUA+sjC6MIL3WUYL5LMM =W2O0 -----END PGP SIGNATURE----- --cHMo6Wbp1wrKhbfi-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message