> -----Original Message----- > From: Mark Ferlatte [mailto:[EMAIL PROTECTED] > Sent: Tuesday, June 04, 2002 12:34 PM > To: 'debian' > Subject: Re: attacks > > > You probably want to add some route verification too: > > for f in /proc/sys/net/ipv4/conf/*/rp_filter; do > > echo 1 > $f > > done > > Debian turns this on by default, so you don't have to do it by hand. > But you can if you really want to.
Oh OK, I seem to remember reading that. But, that brings up a point I've been trying to resolve... would "2" be better? What would be the implications of using it, more overhead? > > Anyway, what I would do is block TCP & UDP 0-19. This tosses > > What I would do instead is to set your default policy to DROP Yeah, forgot to mention that the first time around. ;) Jeff Bonner -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
