Quoting "R. B. Riddick" <[EMAIL PROTECTED]> (from Sat, 11 Nov
2006 11:00:49 -0800 (PST)):
--- "Julian H. Stacey" <[EMAIL PROTECTED]> wrote:
I tried adding
${fwcmd} add pass tcp from any to any established
from src/etc/rc.firewall case - simple. Which solved it.
But I was scared, not u
On 2006-11-11 17:08, "Julian H. Stacey" <[EMAIL PROTECTED]> wrote:
> Hi security@ list,
> In my self-written, large ipfw rule set, I had something that passed
> http to allow me to browse most but not all remote sites. For years
> I assumed the few sites I had difficulty with were cases pppoed MTU
R. B. Riddick napsal/wrote, On 11/11/06 20:33:
Stateful rules can stop the sophisticated intruder, but are often more
vulnerable to DoS attacks.
Hmm... U mean, when someone creates a lot of states?
At least pf can limit that...
Yes.
"Limit" means - some packet (connections, state
--- Dan Lukes <[EMAIL PROTECTED]> wrote:
> Stateful rules can stop the sophisticated intruder, but are often more
> vulnerable to DoS attacks.
>
> Every method has pros and cons ...
>
Hmm... U mean, when someone creates a lot of states? At least pf can limit
that... But here it look
R. B. Riddick napsal/wrote, On 11/11/06 20:00:
But I was scared, not understand what the established bit did, &
how easily an attacker might fake something, etc.
...
Should I still be worrying about established ?
Hmm... I personally use "check-states" and "keep-state", so that it is
--- "Julian H. Stacey" <[EMAIL PROTECTED]> wrote:
> I tried adding
> ${fwcmd} add pass tcp from any to any established
> from src/etc/rc.firewall case - simple. Which solved it.
> But I was scared, not understand what the established bit did, &
> how easily an attacker might fake something,
Hi security@ list,
In my self-written, large ipfw rule set, I had something that passed
http to allow me to browse most but not all remote sites. For years
I assumed the few sites I had difficulty with were cases pppoed MTU
!= 1500, from not having installed tcpmssd on my 4.*-RELEASE, but
then runn