On Tue, 01 Jul 2003 at 15:13:00 -0400, Matt Zimmerman wrote: > On Tue, Jul 01, 2003 at 05:57:27PM +0200, Tomasz Papszun wrote: > > > On Mon, 30 Jun 2003 at 22:39:15 -0400, Matt Zimmerman wrote: > > > Not really a good idea. Consider what happens when someone forges the IP > > > addresses. > > > > One can predefine trusted or other very important IP addresses which > > cannot be blocked. > > In fact, such an utility exists and is present in Debian Woody: > > fwlogwatch. > > Which ones are important? For example, one could forge packets from
Everyone must decide it for himself :-) . > millions of random IP addresses, popular web sites, etc. and easily DoS such > a system. Sure, I am aware of cons of similar technique and I know that it's _very_ far from perfectness. I wrote the previous message only because someone wondered about creating similar utility, so I pointed to one of already existing one :-) . -- Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only [EMAIL PROTECTED] http://www.lodz.tpsa.pl/ | ones and zeros.
