--On Monday, August 12, 2002 09:07:20 -0700 Paul Jacobs <[EMAIL PROTECTED]> wrote:
> Why is it that after SUN'S new "TCP Hardening" patch and the 8+ new services running >on my box now that when you goto "Action Against Detected Scans" and select "Log and >Block" you get a message saying " if you enable this option you will be open to > DOS attack's! ?. Because if someone scans your box using forged source addresses, you will be blocking the forged addresses, which just might happen to belong to your customers. If they forge the IPs to be those of the relatively few AOL proxies, for example, then the scan could cause you to block everyone from AOL. Frank -- Frank Smith [EMAIL PROTECTED] Systems Administrator Voice: 512-374-4673 Hoover's Online Fax: 512-374-4501 _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
